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(54) IMethod and system for copyright protection of digital Images transmitted over networlcs 



(57) A mettxxi for protecting digital images distrib- 
uted over a network, including the steps of receiving a 
request from a cOent computer runn&ig a network 
browser, for an originai layout page containing refer- 
ences to digital images therein, parsing the original lay- 
out page for the references to digital images, generating 



a modified layout page from the original layout page by 
replacing at least one of the references to digrtal images 
in the original layout page with references to substitute 
data, and sending the modified layout page to the client 
computer A system is also described and claimed. 
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Description 

FIELD OF THE INVENTION 

[0001] The present Invention relates to copyright 
protection of digital data. 

BACKGROUND OF THE INVENTION 

[0002] Software copyright protection is a central 
concern in software development, and in copyright law 
itself. Typically, software is distributed in shrink-wrap 
packages containing diskettes and/or CD-ROMs, and 
over the Internet via ftp servers . Protecting software 
from rampant unauthorized copying, distribution and 
use ("software piracy") is one of the most challenging 
prot}lems facing the software industry. 
[0003] Over the past years, several techniques 
have been developed for combating software piracy. 
These include use of hardware plugs, use of license 
keys, use of tokens and sophisticated encryption sys- 
tems. 

[0004] One of the leading technologies for control- 
ling use of software within turnkey transaction systems 
is the Digital Rights Management system of InterTrust® 
Technologies Corp. of Sunnyvale. CA, as descrbed In 
US. Patents Nos. 5,692.900, 5,410.598, 5,050.213. 
4.977.594 and 4.827.508. Infbnnation about InterTrust 
is available on the web at http:/Avww.intertrustcom. 
[0005] Another such leading technology Is the 
CyberSales Solution^ of SoftLjock.com. Inc. of May- 
nard. MA. as described in U.S. Patent Na 5,509,070. 
CyberSales Solution provides locking and unlocking 
functionality so that content can be securely previewed 
t>y consumers, electronically purchased and recfistrib- 
uted, and it protects the content In an initial transaction 
and in subsequent Information pass-along. Content pro- 
viders can control how much information is available 
without paying, and disable, or additionally charge for, 
the ability to print or cut and pasta CyberSales Solution 
handles secure transactions, remittance processing, 
reports, audits and customer service. Infonnation about 
CyberSales Solution is available on the web at 
httpyMww.60ftlock.com. 

[0006] With the advent of the use of compelling 
multi-media on web pages accessible over the Internet, 
protection of digital images arxj other media is t>ecom- 
ing increasingly aitical. Web designers are reluctant to 
use valuable digital \vorks of art' knowing that users 
can easily copy^em onto their own computers, and use 
ttiem for their own unauthorized purposes. Moreover, 
anyone using a web browser to view an image posted 
on the Internet can easily copy the image by simply 
positioning a mouse pointer over the displayed image, 
ciiddng on the right mouse button and selecting a "Save 
Image As ..." command. Copyright arid piracy issues 
are major protilems for web publishers. 
[0607] Prior art techniques for protecting digital 



images include the embedding of invisible digital water- 
marks within images, so that copies of protected images 
can be traced. Digimarc Corporation of Lake Oswego, 
OR enrbeds hidden messages within pixel data for iden- 

5 tifying protected images, aixJ tracks their distritsution 
over the Internet to monitor potential copyright infringe- 
ment. Digimarc images carry unique IDs that link to pre- 
detennined locations on the web. Digimarc images are 
compatittle with standard image formats, such as 

10 JPEG, and can be opened and displayed by standard 
image readers. However, when opened with a Digimarc 
reader, the images are displayed together with a "Web 
look up" button that enables a user to identify the 
sources of the images. Digimarc technology is 

15 described in U.S. Patents Nos. 5,862,260. 5.850,481. 
5.841.978. 5,841.886, 5,832,119. 5.822.436. 
5,809,160. 5.768,426, 5,765.152, 5,748.783. 
5,748,763. 5.745.604. 5,721.788, 5.710.834 and 
5.636,292. Information about Digimarc is available on 

20 the web at htlp-7/www.digimarc.oom. 

[0008] These techniques are useful in thwarting 
digital image piracy to the extent that they trace pirated 
content, but they do not prevent unauthorized copying of 
digital images in the first place. 

25 [0009] Other prior art techniques require a web- 
master to modify images residing on a sender computer 
in order to protect them. The webmaster is also required 
to nxKjrfy his web pages accordingly, so as to reference 
the modified images. SafeMedia is a software product 

30 of Internet Expression, Inc. of Exton, PA that converts 
images from a standard fonmat such as JPEG into a SIF 
(Safe Image Format). SIF images can only be viewed 
wHh a SafeMedia Java viewer. SafeMedia embeds a 
host or domain name into an image, and checks that ttie 

3S image is located on the web site it was intended for. 
SafeMedia also includes enhanced system control for 
preventing saeen capture by disabling a clipboard. 
Information about SafeMedia is available on the web at 
htlp7Awww.safemedia.com. 

40 [0010] These techniques are difficult to embrace, 
since they require modification of all protected images 
on the web. as well as modification of the web pages 
that reference them. Furthermore the SIF Java viewer 
has the limitation of only being able to load images from 

45 the same server that the viewer came from. 

[001 1 ] Other prior sit techniques for protecting dig- 
ital images use Java applets within web browsers to dis- 
able the menu that pops up when a user right dicks on 
a displayed image wHhin his web browser. Copysight® 

so is a software application of Intellectual Protocols. LLC of 
Nanuct, NY that uses digital watermarking and finger- 
printing to protect images, and includes a Java applet 
that disables the ability to save displayed images within 
a web browser and the ability to print them. Copysight 

55 operBtes by converting unprotected files to protected 
fQes that are encrypted and that contain digital finger- 
prints. Copysight also tracks distrbution of protected 
images across the Internet and issues reports of poten- 
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tial copyright infringement It allows a wet administrator 
to select which files are to be protected. Information 
about Copysight is available on the web at 
http;/Atfww.ip2,com. 

[GDI 2] These techniques disable unauthorized cop- 
ying of digital images from within web- browsers, but 
they do not protect the images from copying by an appli- 
cation external to the web browser. For example, they 
do not prevent a user from copying digital images dis- 
played in his web browser by means of an application 
running external to the web browser, such as an image 
editing tool, or by means of a Print Screen or other such 
comnrtand that serves to copy contents of a video buffer 
to a clipboard. Thus a Java applet that prevents unau- 
thorized copying of digital images from within Netscape 
Communicator or Internet Explorer can be circum- 
vented by a user pressing on a Print Screen button of 
his keyboard, or by a user copying and pasting from a 
window of his web browser to a window of another soft- 
ware application. 

SUMMARY OF THE INVENTION 

[0013] TTie present invention provides a method 
and system for enabling a us6r to view protected image 
data using his web browser without being able to copy it. 
The slogan "Look but Don*t Touch™' has been adopted 
to describe the feature of the present invention that ena- 
bles a user to view content without being able to copy it 
into his computer. 

[0014] The present invention Is distinct from prior 
art methods in several respects. A first distinction is that 
the present invention displays an image to a user with- 
out downloading unnvxlified image data to the user's 
computer. Thus, unlike software piracy techniques that 
protect an original copy of software from being illegally 
copied, the present Invention does not provide an origi- 
nal copy in the first place. 

[0015] A second distinction is that the present 
invention prevents a user from copying a protected 
image both from within and from without his web 
browser. Specifically, the present invention blocks copy- 
ing of an image from within his web browser, when a 
user selects the 'Save Image As ...' command and 
when a user prints the ojrrtents of a web browser win- 
dow, tt also blocks copying of an image from without 
when a user presses the 'Prim Screen^^J)u^ of his 
keyboard or attempts to copy from his web tarowser win- 
dow and paste onto a window of another application, or 
when a third party software application attempts to use 
the 'Print Saeen" command. 
[0016] In a preferred embodiment the present 
invention uses a software web server plug-in that fitters 
hfTTP requests and sends substitute data, such as 
encrypted image data, for requested image data that is 
protected. It also uses a software web browser plug-in 
for displaying the sufctstitute data and for blocking the 
ability to copy protected image data being displayed 



from the video buffer of the user's computer, tt also uses 
a management tool for setting protection status of 
images and web pages residing on one or more server 
computers. 

5 [0017] There is thus provided in accordance with a 
preferred embodiment of the present invention a 
method for protecting digital images distributed over a 
networK including the steps of receiving a request from 
a client computer running a network tvowser, for an 

10 original layout page corrtaining references to digital 
images therein, parsing the original layout page for the 
references to digital images, generating a modified lay- 
out page from the original layout page by replacing at 
least one of the references to digital images in the orig- 

15 inai layout page with references to substitute data, and 
sending the modified layout page to the client computer. 
[001 8] There is further provided in accordance with 
a preferred embodiment of the present invention a 
method for protecting files distributed over a network, 

20 including the steps of displaying a list of files, generating 
protection status infbmration in response to selection by 
a user of at least one of the files in the list of files, and 
sending the protection status information to a server 
computer. 

25 [P0191 There is yet further provided in accordance 
with a prefen-ed embodiment of the present invention a 
system for protecting digital images distributed over a 
network, including a receiver receiving a request from a 
client computer running a networic browser, for an origl- 

30 nal layout page containing references to digital images 
thereia a layout page parser parsing the original layout 
page for the references to digital images, a layout page 
generator generating a mocfified layout page from the 
original layout page by replacing at least one of the ref- 

35 erences to digital images in the original layout page with 
references to substitute data, and a transmitter sending 
the modified layout page to the client computer. 
[0020] There is moreover provided in accordance 
with a preferred embodiment of the present inventton a 

40 system for protecting files distrbuted over a networi^ 
including a user interface displaying a list of files, a pro- 
tection status manager generating protection status 
information in response to selectton by a user of at least 
one of the files in the list of files, and a transmitter send- 

45 ing the protection status information to a server compu- 
ter. 

[0021 ] There is additionally provided in accordance 
with a preferred embodiment of the present invention a 
method for protecting digital images distributed over a 

so network, including the steps of receiving a request from 
a client computer, submitting the request to a server 
computer, receiving an original layout page containing 
references to digital images therein from the server 
computer, parsing the original layout page for the refer- 

55 ences to digital images, generating a modified layout 
page from the original layout page tsy replacing at least 
one of the references to digital images in the original 
layout page with references to substitute data, and 



5 



EP 1 001 330 A2 



6 



sending the mcxiified layout pagelo the client oomputer. 
[0022] There is further provided in accordance with 
a prefened embodiment of the present invention a sys- 
tem for protecting digital images distributed over a net- 
work, induding a receiver receiving a request from a s 
cliem computer and receiving an original layout page 
containing references to digital images therein from a 
sender computer, a transmitter submitting the request to 
the server computer and sending a nxxlified layout 
page to the client computer, a layout page parser pars- io 
ing the original layout page for the references to digital 
images, and a layout page generator generating the 
modified layout page from the original layout page by 
replacing at least one of the references to digital Images 
in the original layout page with references to substitute is 
data. 

[0Q23] There is yet further provided in accordance 
with a preferred embodiment of the present invention a 
method for protecting digital images displayed in a web 
browser, including the steps of displaying a digital 20 
image by a web browser, the digital image including 
pixel data, requesting access to pixel data of the digital 
image, and in response to the requesting, blocking 
access to pixel data of the digital image. 
[0024] TTiere is additionally provided in accordance 25 
with a preferred embodiment of the present Invention a 
method for protecting digital images displayed in a web 
browser. Induding the steps of displaying a digital 
image by a web browser, the digital image induding 
pixel data, requesting access to pixel data of the digital 30 
image, in response to the requesting, intercepting a 
request to access pixel data of the digital image, and 
providing substitute data to pixel data of the digital 
image in a response to the request to access pixel data 
of the digital imaga 35 
[0025] TTiere is moreover provided In accordance 
with a preferred embodiment of the present Invention a 
system for protecting digital images displayed in a web 
browser, Induding a web browser displaying a digital 
image, the digital image including pixel data, a conv 40 
mand processor requesting access to pixel data of the 
digital image, and a request blocker, doddng access to 
pixel data of the digital image requested by the com- 
mand processor. 

[0026] There is further provided in accordance with 45 
a preferred embodiment of the present invention a sys- 
tem for protecting digital images displayed in a web 
browser, induding a web browser displaying a digital 
image, the digital image induding pixel data, a com- 
mand processor requesting access to pixel data of the 50 
digital image, a request intercepta intercepting a 
request to access pixel data of the digital image 
received from the command processor, and a data proc- 
essor providing substitute data to pixel data of the digital 
image in a response to the request to access pixel data ss 
of the digital image. 



BRIEF DESCRIPTION OF THE DRAWINGS 

[0027] The present invention will be more fully 
understood and appreciated from the following detailed 
description, taken in conjunction with the drawings in 
which: 

Rgure 1 is a simplified illustration of a system for 
copyright protection of digital images for use within 
a distributed server-dient computing environment, 
in accordance with a prefened embodiment of the 
present invention; 

Figure 2 is a simplified flowchart of a method for 
protecting digital images tfiat are distributed within 
a server-client computing environment in accord- 
ance with a preferred embodiment of the present 
invention: 

Figure 3 is a simplified illustration of a management 
system, for managing protection of digital images, 
in accordance with a prefen-ed embodiment of the 
present invention; 

Rgure 4 is a simplified flowchart of a method for 
managing digital image protection, in accordance 
witii a preferred embodiment of the present inven- 
tion; 

Rgure 5 Is a simplified illustration of a system for 
copyright protection of digital images that are refer- 
enced in dynamically generated web pages, in 
accordance with a prefen-ed embodiment of the 
present invention; 

Rgure 6 Is a simplified flowchart of a method for 
protecting digital images that are referenced in 
dynamically generated web pages, in accordance 
witii a preferred embodiment of tiie present inven- 
tion; 

Rgure 7 is a simplified illustration of a system for 
preventing unauthorized copying of digital images 
within a dient oomputer. in accordance with a pre- 
fened embodiment of the present invention: 
Rgure 8 is a simplified flowchart of a method for 
preventing unauthorized copying of digital images 
within a dient computer, in accordance witii a pre- 
ferred embocfiment of the present invention: 
Rgure 9 is a simplified Illustration of a system for 
copyright protection of digital images residing on a 
computer tiiat are referenced in a web page resid- 
ing on a different conrputer; 
Rgure 10 is a simplified flowchart of a method for 
copyright protection of digital inrtages residing on a 
oomputer tiiat are referenced in a web page resid- 
ing on a different computer, 
Rgure 11 is an illustration of a user interface dia- 
bgue box for adding a new site, wrttiin a protection 
management tool operative in accordance witii a 
preferred embodiment of the present invention; 
Rgure 12 is an illustration of a user interface (tia- 
logue box for accessing a site, within a protection 
management tool operative in accordance witii a 
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preferred embodiment of the present irtvention; 
Figure 1 3 is an illustration of a user interface screen 
for setting protection status, within a protection 
management tool operative in accordance with a 
preferred emtxxJiment of the present invention; 
Rgure 1 4 is an illustration of a tool bar within a pro- 
tection management tool operative in accordance 
with a preferred embodiment of the present inven- 
tion; 

Figure 15 is an illustration of a user interface dia- 
logue box for setting server parameters within a 
protection management tool operative in accord- 
ance wrth a preferred embodiment of the present 
invention; 

Rgure 16 is an illustration of a user interface dia- 
logue box for modifying a password fa accessing a 
web server, within a protection management tool 
operative in accordance with a preferred embodi- 
ment of the present invention; 
Rgure 17 is an illustration of a user interface dia- 
logue box for a site list, within a protection manage- 
ment tool operative in accordance with a preferred 
embodiment of the present invention; 
Rgure 18 is an illustration of a user interface dia- 
logue box for defining mirror sites, within a protec- 
tion management too) operative in accordance with 
a prefen-ed embodiment of the present invention; 
and 

Rgure 19 is an illustration of a virtual directory 
properties file residing on a web server computer in 
accordance with a preferred embodiment of the 
present invention. 

DETAILED DESCRIPTION OF A PREFERRED 
EMBODIMENT 

[0028] The present invention concerns protection of 
digital Images transmitted over a network from unau- 
thorized copying and use. Unlike prior art mettiods used 
to prevent software piracy, the present invention ena- 
bles a user to view arl image in his web browser without 
ever receiving original unmodified digital image data, 
and without being able to save the displayed image on 
his computer. 

[0029] Typically, digital images are viewed over the 
Internet within web pages, such as hyper-text markup 
language (HTML) or extended markup language pCML) 
pages. Such web pages are electronic data files, stored 
on server computers, containing layout information for 
displaying text and graphics, and for running software 
applications such as Java applets. Typically, the data for 
the graphic . objects, such as images, displayed within a 
web page is not contained within the web page f fle itself. 
Instead, the graphic objects reside elsewhere on the 
same sender computer or other server computers, and 
the web page file contains references, to the graphic 
objects. A reference to a graphic object specifies the 
network address of the computer containing the graphic 



object, such as an IP address, together with the dirdc- 
tory path (relative to a prescribed root directory) and 
filename for the graphic object. 
^ [0030] When a web browser in a client compirter 

5 downloads a web page file, it parses the web page in 
order to display it on a video monitor. While parsing the 
web page, the web browser encounters the references 
to graphic objects, and in turn downloads the graphic 
objects. Downloading a web page file and the graphic 

10 objects it references is typically done through the HTTP 
protocol. Client requests for data on server computers 
are issued thnDugh HTTP requests, and data transmis- 
sion from server to client is issued through HTTP 
responses. 

15 [0031] After downloading the graphic objects, the 
web browser can render the web page with the graphic 
objects embedded therein, and display it to the user on 
his video monitor In turn, the user can interact with the 
displayed web page by clicking on hyper-links to other 

so web pages, or by interacting with an application such as 
a Java applet 

[0032] Most web browsers enal>le a user to view the 
source for the web page being displayed. For exanple. 
they may contain a menu item "View Page Source" 

25 under a "View" heading. In addition, they also enable a 
user to save images being displayed, by right-clicking 
on such an image with a mouse cursor positioned ther- 
eover, and selecting a "Save Image As ..." menu item. 
Upon selection of the "Save Image As ..." item, the web 

30 browser opens an Explorer type directory window that 
enables the user to select a folder and filename for the 
image being saved. 

[0033] In a preferred embodiment of the present 
invention, the image data that is transmitted from a 

3S server computer to a client computer is encrypted 
image data that is generated from the original image 
data by encoding it using an encryption algorithm. In 
this embodiment additional software may be required 
by the web browser in order to decode the encrypted 

40 data, since a standard web browser typically supports 
only a limited number of Image file formats, such as GIF 
and JPEG, and may not contain the decoder necessary 
to decrypt the encrypted image data. For the Netscape 
Cormiunicator web browser of Netscape Comnunica- 

45 tions, Ina of Mountain View, CA. such additional soft- 
ware may be a plug-in or a Java applet For the Internet 
Explorer web browser of Microsoft Corporation of Red- 
mond, WA. such additional software may be an Active- 
X control or a Java applet. The additional software is 

50 used to decode the encrypted image data, and render it 
for display on a video monitor. 
[0034] When a user atterrpts to save an image 
being displayed by his web browser, the present inven- 
tion, in a prefen-ed embodiment presents- him from 

55 doing sa There are several manners in which a us^ 
can attempt to save an image being displayed. The user 
may select the "Save Image As ..." menu option that 
appears with right-clicking on the image. 
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[0035] The user may also atlenTpt to save an image 
being displayed by copying the image from his web 
browser's cache. Typically, images being displayed by 
web browsers are stored temporari'y in a local cache on 
the dient computer. . 

[0036] The user may also attempt to copy the entire 
screen by pressing a "Print Screen" command key on 
the keyboard. Typically, this causes the contents of the 
video display buffer to be pasted onto the user's dip- 
board. The user may also attempt to save an image 
being displayed by running a software application out- 
side of is web browser. For example, an image editing 
application, such as Paint Shop Pro of Jasc Software, 
may have the capability of copying images from within 
web browsers to their own windows. 
[0037] For each scenario whereby the user 
attempts to save an image being displayed by his web 
browser, additional software used by the web browser is 
operative to prevent the image data from actually being 
saved. In one embodiment the present invention 
replaces the image being saved with substitute data, so 
that the user in fact saves a substitute Image. For exanv 
pie, the substitute image may be an encrypted image, 
which the user is unaUe to view. For another example, 
the substitute image may be a watermarked version of 
the original image, derived therefrom by composing 
watermarks over the imaga For yet another example, 
tfie substitute image may be a presaibed Image, possi- 
bly unrelated to the image being displayed by the web 
browser. Thus when the user selects the "Save Image 
As ..." option, or presses the "Print Screen" button, or 
copies the image (rota another software application, the 
image that is saved into the tocsA file system or copied 
to the clipboard Is a sut}stitute image. 
[0038] In another embodiment the present inven- 
tion disables the user's ability to save an image being 
displayed, and does not enable the user to save image 
data at all. For exanple. the "Save Image As ..." menu 
option may be disabled, so that the user cannot select it 
and the 'Print Screen" key on the keyboard may be dis- 
abled so that when the user presses on it nothing hap- 
pens, and copying of the image by other software 
applications may be blocked. 
[0039] As described in detail hereinbelow, control- 
ling or disabling the "Save Image As ..." menu option is 
pr^erably accomplished by addittonal software used by 
the web browser through intervention wHh mouse con- 
trol functions. Controlling or disabling the 'Print Screen' 
key on the keytx>ard is preferably accomplished by addi- 
tional software used by the web browser through inter- 
vention witii keyboard control functions. Controlling or 
disabling copying of displayed image data by other soft- 
ware applications is preferably acconplished within the 
Windows operating system by intervention ("patching") 
wttti the Windows application programming interface 
(API) functions which copy pixel data from the video 
buffer of a computer, such as BttBIt StretchBlt. PIgBIt 
QetPixel and QDI32. 



[0040] Similariy. controlling or disabling copying of 
displayed image data by other software applications is 
preferatily accomplished within the Macintosh operating 
system by using a system extension to intervene witti 

5 ToolBox functions. Tool Box calls are managed by an 
array of pointers in a Trap Dispatch Table, each pointer 
pointing to appropriate program code. As described in 
more detail hereint^low, the system extension can 
change ttiese pointers so ttmt they point to different pro- 

10 gram code. The different program code corresponds to 
patched ToolBox functions. 

[0041 ] A web server administrator, (\vebmaster") is 
responsible for configuring web server software and for 
managing web pages and images stored on a server 

15 computer. Typically, ttie administrator may wish to pro- 
tect some of tfie images from unautfiorized copying or 
use. and may wish to have other images unprotected, in 
accordance witii instructions from the owners of the 
images. In a preferred embodiment tiie present inven- 

20 tion includes a management tool for managing protec- 
tion of digital images residing on a server conrputer. The 
management tool preferably enatiles an adminisb-ator to 
select specific images to be protected from unautfior- 
ized copying or use as described hereinabove. 

25 [0042] Image protection may be specified in several 
modes, including (0 on an indivkJual image-by-image 
basis, (ii) on a web page basts, (iii) on a folder basis, 
and Ov) on a tagged basis, as described hereinbelow. 
Protection specification on an individual image-by- 

30 image basis is carried out by selecting one or more 
image files witiiin the management tool, preferably by a 
user interface that presents an Explorer-type window for 
navigating through f ile systems. 
[P043] Protection specification on a web page basis 

35 is carried out by selecting one or more web page files 
within ttie management tod. Selection of a web page for 
protection entails protection of all images referenced 
within tiie selected web page. In one embodiment of the 
present invention, such referenced images are main- 

40 tained protected when tiie same images are referenced 
wittiin other web pages. In an alternate embodiment of 
ttie present invention, such referenced images are pro- 
tected only when referenced within web pages ttiat are 
protected. 

45 [0044] Protection specification on a foUer basis is 
carried out by selecting one or wore fokJers wittiin the 
management tool. Selection of a folder for protection 
entails protection of all web pages and all images refer- 
enced within the selected folder and, recur^ely, witiiin 

50 all sut>-foUers thereof. 

[0045] Protection specification on a tagged basis is 
can-ied our by delineating segments within a web page 
ttiat are to be protected by protection tags. Spedficatly, 
in a prefened embodiment of ttie present invention, pro- 

65 tect and unprotect tags, such as < (protects) and 
(lA^rotect), are used to bound segments of layout 
instruction within a web page, and every image refer- 
enced wittiin such a segment between the tags is pro- 
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tected. Preferably, images referenced between the 
protection tags are protected only when referenced 
between protection tags within web pages, and are oth- 
erwise unprotected, unless additional protection has 
been specified by one of the above niodes (Individual 
image-t>y-infiage basis, web page basis, and/or folder 
basis). 

[0046] In a prefen-ed embodiment of the present 
invention, the n^nagement tool can be used to change 
the protection status (protected / unprotected) of 
images on a server computer from time-to-time. 
[0047] In a prefen-ed embocfiment of the present 
irrvention, the management tool need not be operated 
from the server computer that contains the images 
whose protections are being specified: Instead, it can 
be executed from any computer connected to such 
server computer via a network. Thus a web administra- 
tor can remotely set the protections of images on rrulti- 
ple server computers from his own local computer, as 
long as there is a network connection between his com- 
puter and the multiple server computers. 
[0048] Reference is now made to Rgure 1 , which is 
a simplified illustration of a system for copyright protec- 
tion of digital images for use within a distributed server- 
ciient computing environment, in accordance with a pre- 
ferred embodiment of the present invention. A sewer 
cooputer 100 typically Includes web server software 
102 that serves web pages 104 to a plurality of client 
computers 106 over the Internet. Web pages 104 typi- 
cally contain references to Images that are to be 
embedded within the pages when the pages are ren- 
dered on client computers 106. The Images referenced 
in web pages 104 typically reside on server computer 
100, although they may reskie on other computers as 
well. Operation of the present invention when the 
images reside on other computers is described below 
with reference to Rgure 9 and Rgure 10. 
[0049] Some of the images referenced in web 
pages 104 are preferably designated as protected 
images 108, which the owners desire to protect from 
unauthorized copying or use. Others of the images ref- 
erenced in web pages 104 are designated as unpro- 
tected images 110. which the owners are not concerned 
about protecting from unauthorized copying or use. 
Designation of images as protected or unprotected is 
typically made by the owners of the images. For exam- 
ple, images may be designated as protected images 
when they contain significant creative content and 
images may be designated as unprotected images 
when they contain little or no creative content it being 
understood that other aiteria can be used alone or in 
combination as a basis for distinguishing between pro- 
tected and unprotected images. 
[0050] Client computers 106 typically use web 
browser software 1 12 to access web pages staed on 
server computers 100, over the Internet A web browser 
1 12 requests a web page 104 from a server computer 
100 by issuing an HTTP request. An HTTP request 



anriving at server computer 100 is processed by web 
server software 102. 

[0051] In a prefen-ed embodiment of the present 
invention, an incoming HTTP request to server compu- 

5 ter 1 00 Is routed to an HTTP request filter 1 1 4. HTTP fil- 
ter 114 accesses the requested web page 104 and 
parses it using a web page parser 1 16. to identify the 
images that are referenced therewithin. Server compu- 
ter 100 maintains a protection status datat)as6 118 that 

10 stores a protection status (protected / unprotected) for 
each image resicfing on server computer 100. HTTP fil- 
ter 1 14 determines the protection status of each image 
referenced within web page 104, using protection status 
database 1 18. It will be appreciated by those skilled in 

IS the art that protection status database 1 18 may reside 
on a different computer than server computer 100, but 
when it resides on server computer 100 the system of 
the present invention can conveniently determine pro- 
tection status of images without having to retrieve such 

20 information from another conrputer. 

[0052] An unprotected image 1 1 0 referenced within 
web page 104 is handled by web server software 102 in 
the normal fashion. Specifically, neither the reference to 
unprotected Image 1 10 nor intage 1 10 itself are modi- 

26 tied. However, a protected image 1 08 referenced within 
web page 104 is handled differently. A nrxxlified web 
page 120 is generated by a web page modifier 122. 
Specif icaily, the reference to protected Image 108 in 
web page 104 is nrxxfif led tiy web page modifier 122 so 

30 as to reference substitute data 1 24. 

[0053] Substitute data 124 preferably corresponds 
to an image that Is visually iderttk:al or sutistantially sim- 
ilar to protected image loa When substitute data 124 
corresponds to an image that is visually identical to pro- 

35 tected image 108. it is preferably an encrypted versfon 
of the protected image data. In a preferred embodiment 
of the present invention, the chokie of what type of sut}- 
strtute data 124 to use depends on the owners prefer- 
ence (e.g. whether or not to display an identical version 

40 of the protected image) and on the type of web browser 
1 12 issuing the HTTP web page request from dient 
computer 106. 

[0054] Specifically, with regard to the type of web 
browser 112 issuing the HTTP web page request web 

45 browsers 1 12 may include software that functions as a 
substitute data processor 126, in the form of a browser 
plug-in. Java applet or Active-X control. Such a substi- 
tute data processor Is capable of rendering an 
encrypted image, and is also capable of preventing a 

so user of client computer 1 06 from copying an image that 
is displayed by web browser 112. 
[0055] In a prefeaed embodiment of the present 
invention the substitute data processor is not a Java 
applet, since Java applets are not readily capable of 

55 protecting against Windows API calls that access ptxei 
data from the video buffer of a computer, as mentioned 
hereinabova However, it is apparent to those skilled in 
the art that as Java capabilities are extended. Java 
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applets may become appropriate for such protection. 
[0056] When web browser 112 includes substitute 
data processor 126. substitute data 124 can be 
encrypted image data, or other image data in a format 
that would not be supported by a standard web browser 
1 1 2 that does not include sut^stitute data processor 1 26. 
Furthermore, when web browser 112 includes a substi- 
tute data processor 1 26. substitute data 124 can appear 
visually Identical to protected image 108 when rendered 
by substitute data processor 126, and yet a user of cli- 
ent computer 106 Is not able to copy or use it without 
authorization. 

[0057] When web browser 112 does not Include 
substitute data processor 126, substitute data 124 
should be compatible with a standard web brmvser. For 
example, sutjstitute data 124 can be a standard JPEG 
image. Alternatively, when web browser 112 does not 
include substitute data processor 126, substitute data 
124 can be encrypted image data If modified web page 
120 is generated so as to prompt client computer to 
download sutistitute data processor 126 in order to dis- 
play substitute data 124. This is typically ttie way in 
which web pages prompt a client computer to download 
Java applets, Active-X controls wittiin Internet Explorer. 
arvJ plug-ins utilizing the Smart Update feature within 
Netscape Communicator. 

[0068] In a prefened embocfiment of the present 
invention, the determination of which images on server 
computer 100 are protected images 108 and which 
images are unprotected Images 1 10 is managed by a 
protection manager 128 residing on a remote computer 
1 30. connected to server computer 1 00 by a network. K 
will be appreciated by those skilled in the art that protec- 
tion manager 128 may reside on server computer 100, 
but the possibility of it residing on a remote computer 
130 affords greater convenience to an administrator 
who can then administer server computer 100, and 
other senmr computers as well, remotely off-site. 
[0059] Reference is now made to Rgure 2, which is 
a simplified flowdiart of a metiiod for protecting digital 
images tiiat are distributed wittiin a server-dient conv 
puting environment, in accordance with a preferred 
errbodiment of the present invention. The flowchart Is 
divided into three columns. The leftmost column 
includes steps peribrmed tiy a user, the second column 
from the left includes steps performed by a client conv 
puter, and ttie rightmost column includes steps per- 
formed by a server computer connected to ttie client 
computer over ttie Internet or such ottier networic of 
computers. 

[0060] At step 202 the client computer requests a 
connection to ttie server computer. At step 204 the 
server computer opens a communication socket 
between ttie client computer arxi the server computer. 
At step 206 ttie user requests to open a web page using 
his web browser and, in response, at step 208 ttie client 
computer issues an HTTP request for ttie web page to a 
web server on the server computer, using the web 



browser. At step 210 the web server receives the HTTP 
request for the web page from tiie client computer. 
[0061] In a prefened embodiment of ttie present 
invention, at step 212 the server computer s.wches a 

5 database to determine whether or not the web page 
being requested references any protected images, or 
has protection rags, (f so, it routes the incoming HTTP 
request to an HTTP request filter, as described herein- 
above with respect to Figure 1 . The HTTP filter applies 

10 a web page parser to the requested web page and Iden- 
tifies the images referenced therewithin. At step 214 ttie 
server computer generates a modified web page 
wherein references to ttie protected images are 
replaced with references to substitute data. The substi- 

15 tute data is preferably derived from ttie protected 
images. For example, ttie substitute data may be 
encrypted image data, obtained by applying an encryp- 
tion algorittim to the protected image data. The modified 
web page is preferably a separate web page generated 

20 by a web page modifier, so that ttie original web page is 
preserved, as indicated in Figure 1. Alternatively, ttie 
substitute references may be incorporated directty into 
ttie original web page, without generation of a separate 
modified web page. 

25 [0062] At step 216 ttie modified web page is sent 
back to ttie client computer wittiin an HTTP response. 
At step 218 ttie client computer receives the modified 
web page containing references to substitute data, and 
ttie web browser begins to render the nxxJified web 

30 page. In rendering ttie modified web page, the web 
browser encounters ttie references to ttie substitute 
data, and at step 220 ttie substitute data processor 
witiiin ttie client computer issues to ttie web server an 
HTTP request for ttie substitute data. At step 222 ttie 

35 server computer receives ttie HTTP request for ttie sub- 
stitut&data, and at step 224 ttie server sends an HTTP 
response containing ttie substitute data to ttie client 
computer. At step 226 ttie dient computer receives the 
HTTP response containing the requested substitute 

40 data, and at Step 228 ttie dient conputer processes ttie 
substitute data using a substitute data processor, as 
described hereinabove witii respect to Figure 1, and 
renders ttie web page. 

[0063] At step 230 ttie user views the web page he 
45 requested. It is ttius appredated that the present inven- 
tion enables ttie user to view protected images wittiout 
being able to download ttiem to his computer in unmodi- 
fied form. Instead, substitute data is downloaded, such 
as encrypted image data. 
50 [0064] K the server computer determines at step 
212 that ttie requested web page does not reference 
protected images and does not have protection tags, 
ttien ttie HTTP request is passed to ttie server wittiout 
any parsing. In this case, the processing is nxich sim- 
55 pier, and proceeds in ttie normal manner. Specifically, a 
modified web page is not generated and substitute data 
is not used. Rattier, at step 232 the unmodified web 
page is sent to ttie client conputer wittiin an HTTP 
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response. At step 234 the client computer receives the 
HTTP response containing the unmodified web page, 
and the web browser begins to render the web page. In 
rendering the web pt ge, the web browser encounter 
the references to unprotected images, arxj at step 236 5 
the dient computer issues an HTTP request for the 
unprotected images to the web server. At step 238 the 
server computer receives the HTTP request for the 
unprotected images, and, in response, at step 240 the 
server computer sends an HTTP response containing 10 
the unprotected Inrtages. At step 242 the client computer 
receives the HTTP response with the unprotected 
image data, and at step 244 the web browser processes 
the unprotected images and rerxJers them with the web 
page, is 
[0065] At step 230 the user views the web page he 
requested, ft Is thus appreciated that the unprotected 
image data is downloaded to the client computer as 
unmodified data, and is therefore susceptible to unau- 
thorized copying or usa 20 
[0066] Reference is now made to Rgure 3. which is 
a simplified lltustretion of a management system, for 
managing protection of digital images, in accordance 
with a preferred ennbodiment of the present invention. 
Remote computer 1 30 administers protection of images 2S 
on server computer 100 by entering and editing protec- 
tion status information (protected / unprotected) within 
protection status database 118. Remote computer 130 
retrieves file information 302 from file system 304 of 
server computer 100. and retrieves protection settings 30 
306 from protection status database 118. Using file 
information 302, a user interface 308 displays a list of 
folder names, web page file names and image fOe 
names for the files in file system 304. 
[0067] Protection settings 306 are used t}y user 3s 
interface 308 to display an indicator of protection status 
alongside each folder, web page and image. For exam- 
ple, in a prefen-ed embodiment of the present invention, 
protection settings 306 are indicated to a user as fol- 
lows: ^ 

(i) an icon of a padlock is displayed alongside 
images that are designated as protected, whereas 
no icon is displayed alongside images that are des- 
igrtated as unprotected; 4S 

(ii) a dari( blue page icon is displayed alongside 
web pages all of whose referenced images are des- 
ignated as protected, a light blue page icon is dis- 
played alongside web pages some, but not all of 
whose referenced images are designated as pro- so 
tected, and a white page icon is displayed along- 
side web pages none of whose referenced images 
are designated as protected: and 

(iii) a dark blue folder icon is displayed alongside 
folders all of whose referenced images are desig- 55 
nated as protected, a light blue folder icon is dis- 
played alongside folders some, but not all of whose 
referenced images are designated as protected, 



and a white folder icon is displayed alongside fold- 
ers none of whose referenced images are desig- 
nated as protected. 

[0068] Protection settings 306 can be edited by 
means of user interface 308. A user can select one or 
more images from among the list of image f Renames 
displayed by user interface 308, and set their protection 
status to protected or unprotected. The user can also 
select one or more web pages from among the list of 
web page file names displayed by user interface 308. 
and set their protection status to protected or unpro- 
tected. Setting the protection status of a web page to 
protected or unprotected is equivalent to setting the sta- 
tus of all the images referenced therewithin to protected 
or unprotected, respectively. In one embodiment of the 
present invention, such images referenced within a pro- 
tected web page are treated as protected within any 
other web page, and in an alternate embodiment of the 
present invention, such images are treated as protected 
only within protected web pages. 
[0069] Similariy. the user can select one or nrare 
folders from among the list of folder names displayed by 
user interface 308. and set their protection status to pro- 
tected or unprotected. Setting the protection status of a 
folder to protected or unprotected is equivalent to set- 
ting the status of ail the images and web pages within 
the folder and, recursively, within all sub-folders thereof, 
to protected or unprotected, respectively. 
[0070] After editing protection settings, the user can 
dick on a "submit" button in order to apply the modified 
protection settings on server corrputer 100; i.a, in order 
to have the modified protection settings take effect 
Clicking on the submit button causes protection settings 
306 to be transmitted from remote computer 130 to 
server computer 100. When server computer 100 
receives the modified protection settings, it incoiporates 
ttiem into protection status database 118. Once so 
incorporated, the modified protection settings take 
effect and are used thenceforth to determine the pro- 
tection status of the images on server computer 1 00. 
[0071] In a prefenred embodiment of the present 
invention, after ttie submit button is dicked and protec- 
tion etattjs database 118 is updated, the modified pro- 
tection settings 306 are indicated in user interface 308 
by updated icons, as described hereinabove. 
[0072] Reference is now made to Rgure 4. which is 
a simplified flowchart of a method for managing digital 
image protection, in accordance with a preferred 
embocfiment of the present invention. The fkwchart is 
divided into three columns. The leftmost column 
indudes steps performed by a user, the second column 
from the left indudes steps performed by a protection 
manager computer, and the rightmost column indudes 
steps performed by a server computer. 
[0073] At step 402 ttie user launches a protection 
manager software tool. At step 404 the protection man- 
ager conputer initiates connection to a web server on 
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the server computer. At step 406 the server computer 
opens a communication socket with the protection man- 
agement computer At step 408 the protection manager 
computer requests file system information from the 
server computer. The requested file system tnfonnation 5 
includes a site map of the folders and ffles in the server 
computer's file system, and protection status informa- 
tion for the folders and flies listed in the site map. Pro- 
tection status of folders and files is preferably one of the 
following: 0) protected, (i>) partially protected, (i>0 pro- 10 
tected using tags, and Ov) un-protected. 
[0074] At step 4 1 0 the server computer receives the 
request for file system information, and at step 412 the 
server computer sends the requested information to the 
protection manager computer. At step 414 the protec- is 
tion manager computer receives the requested file sys- 
tem information from the server computer, and at step 
416 the protection manager computer displays this 
information within a user interface of the protection 
manager tool. so 
[0075] At step 418 the user selects one or more 
folders and^or web pages, from among a list of folder 
names and web page file names displayed by the user 
interface. In response, at step 420 the protection man- 
ager computer requests image Information and protec- 2s 
tion status information from the server computer, for the 
images contained within the selected folders and/or for 
the images referenced within the selected web pages. 
At step 422 the server computer receives the request 
from the protection manager computer, and at step 424 30 
the sender computer sends the requested image infor- 
mation and protection status information to the protec- 
tion status computer. As part of step 424 it may be 
necessary for the server computer to parse the selected 
web pages in order to identify the images referenced 3s 
therewithin. Raising web pages is deserved herein- 
above with reference to Rgure 1 . 
[0076] At step 426 the protection manager compu- 
ter receives the image information and protection status 
information, and at step 428 it displays this infonmation 40 
within the user interface of the protection manager tool. 
Each folder name, web page file name and image ffle 
name is displayed in the user interface with a corre- 
sponding Icon alongside that indicates its pralection sta- 
tus. For example, file names of protected images are 4S 
displayed with an icon of a padlock alongside. 
[0077] At step 430 the user selects one or more 
folders, web pages and/or images from the list of folder 
names, web page file names and image file names dis- 
played by the user interface, and sets their protection so 
status to protected or unprotected. Setting a protection 
status tor one or more folders causes such protection 
status to apply to all of the images within such folders. 
Similarly, setting a protection status for one or more web 
pages causes such protection status to apply to all of 55 
the images referenced within such web pages. 
[0078] After editing tiie protection status of various 
folders, web pages and images, the user clicks on a 



"submit" button to apply the new protection settings. At 
step 432, the protection manager computer submits the 
edited image protection status information to the server 
computer. At step 434 the server computer receives the 
edited protection status information, and at step 436 the 
server computer incorporates tiiis information into a 
protection status database. At step 438 the server com- 
puter sends the updated protection status information 
back to the protection manager computer, as a confir- 
mation. At step 440 tiie protection manager computer 
receives the updated protection status information from 
tiie server computer, and at step 442 it displays the 
updated status information in the protection manager 
user interface. 

[0079] For ease of use, in a prefen-ed embodiment 
of the present invention the protection manager compu- 
ter displays modified status information upon selection 
by the user, as soon as a protect button is pressed, prior 
to submitting it to tine server computer. The changes are 
only sent to the server computer when a submit button 
has been pressed. In this embodiment steps 438, 440 
and 442 need not be performed. 
[0080] Some URL's do not correspond to existing 
web page files, but instead contain instructions, such as 
CGI script instructions or Visual Basic instnjctions, for 
generating dynamic web pages, such as active server 
pages. When a user opens such an URL. the server 
computer typically generates a web page dynamically, 
and sends the generated web page to the client compu- 
ter. 

[0081] When web pages are generated dynami- 
cally, the server computer cannot parse the web page 
for references to protected images until ttie web page is 
generated. However, when the server receives an 
incoming HTTP request to generate a web page, it 
sends tiie generated web page as an outgoing HTTP 
response back to the IP address of the originating HTTP 
request In order to be aUe to modify the generated web 
page befae sending it to the client so as to replace ref- 
erences to protected images wHti reference to substi- 
tute data, the present invention preferably re-submits 
the incoming HTTP request locally from the server com- 
puter to itself in order to be able to intercept the dynam- 
ically generated web page prior to its being sent to the 
client 

[0082] Specifically, the incoming HTTP request 
from the client computer is routed to an HTTP filter, as 
described above with reference to Rgure 1 . However, in 
distinction to Rgure 1, the HTTP filter re-submits the 
HTTP request from the server computer to itsetf. This 
ensures that when the server computer generates the 
dynamic web page, it will return it to the HTTP filter, 
ratiier than to the client. When the server computer re- 
submits the HTTP request it preferably does so by 
passing along any HTTP header information, such as a 
cooWe. or any POST information in an HTTP POST 
request. 

[0083] Before generating the dynamic web page, in 
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order to ensure that the HTTP request originates from 
HTTP filter, rather than from another source, the HTTP 
filter preferably appends an Iderttifier at the beginning of 
the original HTTP request, prior to re-submitting the 
HTTP request Thus the re-submitted HTTP request s 
has an additional identifier in its beginning for autherrti- 
cation purposes. 

[0084] Preferably, the server corrputer authenti- 
cates the HTTP request, based on the identifier in its 
beginning, before accepting the request and generating io 
the dynamic web page. After authenticating the request, 
the server computer removes the identifier that was 
appended, and proceeds to process the request. If the 
HTTP request is not authenticated, the server computer 
denies the request and does not proceed to generate is 
the dynamic web page. 

[0085] In a prefen'ed embodiment of the present 
Invention, the appended identifier is randomly gener- 
ated. This serves as a preventive measure against 
extracfa'on end fraudulent use of the identifier, since the so 
iderttifier is corrstantly being changed. 
[0086] When the server computer authenticates the 
re-submitted HTTP request and, in turn, dynamically 
generates the web page, it sends the web page to the 
originator of the re-submitted HTTP request; namely, to 2s 
the HTTP filter. Upon receipt of the web page, the HTTP 
filter can then parse the page to identify the images ref- 
erence therewrthin, and can generate a nvxiified web 
page in which references to protected images are 
replaced with references to substitute data, as 3o 
desaSsed hereinabove with reference to Rgures 1 and 
2. TTia modified web page is sent back to the client com- 
puter in an HTTP response. 
[0087] Reference is now made to Figure 5, which Is 
a simplified illustration of a syst^ for copyright protec- ss 
tion of digitsU. images that are referenced in dynamically 
generated web pages, in accordance with a preferred 
embodiment of the present invention. Dynamically gen- 
erated web pages are generated by a web server in 
response to an HTTP request For example, an HTTP 40 
request may contain instructions for a CGI interpreter. 
[0088] Similarly, images may also be 
dynamically generated. Examples of dynamically 
generated Images are ( img 

srCBl01.345.56.52/Getlmage.asp?image=01) arxJ 4S 
(img 

srcsl 01 .345.56.52/scripts/Qetlmage.cgi?image=name. 
iP9>- 

[0089] Unlike the system illustrated in Rgure 1 
where a requested web page already resides as an so 
HTML XML or such other web page file on a server 
corrputer, when a dient computer issues a request for a 
dynamically generated web page or a dynamically gen- 
erated image, the request cannot be filtered until after it 
is processed, since only then is the web page or the 55 
image available. 

[0090] In a preferred embodiment of the present 
invention, dynamically generated web pages are han- 



dled by re-routing an incoming HTTP request from the 
server computer to itseK. in order that the dynamicaily 
generated web page first be processed by an HTTP 
request filter before being sent to the client computer. 
Specifically, in response to a user selecting a URL with 
a CGI script or such other script client computer 106 
issues an HTTP request to server computer 100 that 
includes instnictions for generating a web page. The 
HTTP request is indicated by a drcie-l in Rgure 5. The 
incoming HTTP request is routed to a filter 502 for 
processing. Since the requested web page is not avail- 
able at this stage, filter 502 cannot parse or modify the 
page. 

[0091] Instead, fHter 502 re-submits the HTTP 
request to server computer 100. In doing so, fitter 502 
appends an identifier at the beginning of the HTTP 
request, for authentication purposes. Tlie re-8ut>mitted 
HTTP request Is Indicated by a drde-2 in Figure 5. 
When the re-submitted HTTP request arrives at server 
computer 100 ft is routed to an authenticator 504, which 
authenticates the request tiased on its appended identi- 
fier. Once authenticated, the Identifier is removed from 
the re-submitted HTTP request and it is processed by 
server computer 100. In processing the re-submftted 
HTTP request, server computer dynamicaJly generates 
a web page 506 using a dynamic web page generator 
508. Web page 506 references one or more protected 
images 108. 

[0O92] When web page 506 is generated, server 
computer 100 sends it wrthin an HTTP response to the 
address of the originator of the request TTie HTTP 
response is indicated by a drde^ In Rgure 5. Since the 
re-submitted HTTP request originated from filter 502 of 
server computer 100, the HTTP response wrth web 
page 506 is sent to server computer 100. The response 
is routed to filter 502 for further processing. 
[0093] Filter 502. after receiving the KTTP 
response wfth web page 506, can proceed to generate 
substitute data 124, and to generate a nxxlified web 
page 120 using web page nrxxjifier 122, as is described 
hereinatxsve wfth reference to Rgure 1 . Modified web 
page 120 contains a reference to substftute data 124, 
instead of a reference to protected images 108. 
[0094] Modified web page 120 is induded wfthin an 
HTTP response andi sent back to dient computer 106. 
The HTTP response induding modified web page 120 is 
indicated by a drde-4 in Rgure 5. The four indicators. 
drde-1, drde-2, cirde-3 and drde-4 taken together 
illustrate the data flow from an original HTTP request to 
a final HTTP response. 

[0095] As mentioned hereinabove, in a preferred 
embodiment of the present invention sutistitute data 
124 can be rendered so as to generate images visually 
equivalent to protected images 108. in which case the 
user can view the content of protected images 108 wfth- 
out downloading unnrodif led protected image data to di- 
ent computer 106. For example, substftute data 124 can 
be encrypted image data. 



11 



21 



EP 1 001 330 A2 



22 



[0096] Reference is now made to Figure 6, which is 
a simplified flowchart of a method for protecting digital 
images that are referenced in dynamically generated 
web pages, in ar^rdance with a prefen-ed emtxxiiment 
of the present 'nvention. The flowchart is divided into 5 
three columns. The leftmost column includes steps per- 
formed by a user, the second column from the left 
includes steps performed by a client computer, and the 
rtghtnx)st column includes steps performed by a server 
computer connected to the client computer over the w 
Internet or such other network of computers. 
{0097] At step 602 the client computer initiates a 
connection to the web server. At step 604 the server 
computer opens a communication socket between the 
client computer and the server conputer. At step 606 is 
the user opens a URL for an active server page in his 
web browser, or another such URL ttiat includes a 
request for dynamically generating a web page. At step 
608 the dient computer issues an HTTP request for an 
active server page to the sender conputer. At step 610 20 
the server computer receives the request for the active 
sender page from the client computer. At step 612 the 
server computer appends an identifier at the beginning 
of the HTTP request and at step 614 the server conrpu- 
ter re-submits the HTTP request to the server computer zs 
with the appended identifier. At step 616 the server 
computer receives the re-sut)mitted HTTP request and 
authenticates the request based on its appended Identi- 
fier, if the request is authenticated, then at step 618 the 
server computer removes the appended Identifier from so 
the request, and at step 620 the server processes the 
request and dynamicaily generates a web page that ref- 
erences one or rnore protected Images. 
[0098] At step 622 the server Incorporates the 
dynamically generated web page within an HTTP as 
response and sends it to an address of the originator of 
the HTTP request Specifically, since the HTTP request 
was re-submitted by the server conputer at step 614, 
the server computer is the originator of the re-submitted 
HTTP request and, as such, the HTTP response con- 40 
taining the web page referencing protected images is 
transmitted to the server conputer. It can be appreci- 
ated that authentication at step 616 is necessary in 
order to control HTTP responses that contain unmodi- 
fied web pages referencing protected image data, so 45 
that they are only transntitted to server computer 100. 
and not to any other computers. 
[0099] At step 624 the server conputer processes 
the dynamically generated web page similar to the 
processing described heretnatxjve with reference to so 
Figure 2. Specif icafly. the server generates a modified 
web page having references to substitute data in place 
of the references to protected Images. At step 626 the 
server conputer sends an HTTP response including the 
modified web page to the dient conrputer, and at step 55 
628 the dient computer receives the HTTP response. At 
step 630 the dient's web browser renders the modified 
web page and, in doing so, encounters the references to 



substitute data and, in turn, requests the substitute data 
from the server computer. At step 632 the server com- 
puter receives the request for the sutsstitute data, and at 
step 634 the server conputer sends the sutistitute data 
to the dient computer. At step 636 the client computer 
receives the substitute data, and at step 638 the dient 
computer's web browser processes the sut>stitute data 
and renders it embedded within the web page. Finally, 
at step 640 the user views the web page. 
[0100] As described hereinabove, in a preferred 
enrPodiment of the present invention, when a user 
views a web page containing protected images, the 
image data sent from a server computer to die user's di- 
ent conputer is substitute data. For exanple, the substi- 
tute data can be encrypted image data. This ensures 
that the user cannot use his web browser to save an 
unmodified version of the protected image. Moreover, 
as described hereinabove, in a preferred embodiment of 
the present invention, software included within the web 
browser is used to prevent the user from saving a dis- 
played image using the "Save Image As ..." option. The 
'Save Image As ..." selection can be disabled, or alter- 
natively it can be modified so that substitute image data 
is provided instead of protected image data. 
[0101 ] However, it is apparent to those stdlled in the 
art that in order to display a protected image within a 
web page, at some level within the operating system 
decoded pixel data has to be available. Typically, a video 
card displaying image data on a video monitor stores 
the image data within a video display buffer. As such, 
even if the image data is encrypted when downloaded 
to the dient conputer, within the dient video buffer the 
data is available as raw pixel data, and at some level the 
encrypted data is decoded before it can be displayed. 
[01 02] Pixel data stored within a video display buffer 
is susceptible to unauthorized use or copying, since an 
operating system typically enables a progranrtmer to 
access data in the video display buffer. For exanple. the 
Windows operating system of Microsoft Corporation of 
Redmond, WA. provides system functions, such as the 
familtar BitBIt function, for accessing pixel data within 
the video display buffer. Moreover, such operating sys- 
tems provide high level functions, such as the Print 
Saeen function, which serve to copy data from the 
video display buffer to another memory buffer, such as a 
dipboard. Once image data has been copied to a dip- 
board, it can be easily saved and used for unauthorized 
purposes. 

[0103] In a preferred ennbodiment the present 
invention prevents a user from using Windows API func- 
tions, such as BitBIt, StretchBlt. PIgBH. GetPixel and 
GDt32, to copy protected image data, by induding soft- 
ware within the user's web browser that substitutes 
other functions for those Windows API functions. For 
example, the software within the user's web browser 
provides a substitute BitBIt function, which is invoked 
instead of the standard system BitBIt function when the 
user issues a command to copy data from the video dis- 
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play buffer. TTie substitute BitBIt function includes spe- 
cial logic for dealing with protected innage data, but is 
othenvise identical to the standard system BitBIt func- 
tion. The special logic serves to supply substitut-t pixel 
data instead of protected image data, so that Xha data 5 
that is copied to the user's clipboard is different from the 
raw pixel data of protected images. For example, the 
special logic can compose watermarks and/or a text 
message onto protected image pixel data, or it can 
encrypt protected image pixel data, or it can supply a 10 
conrpteteiy white image instead of a protected image. 
[0104] By providing a substitute BitBIt function, or 
such other system level function, the present invention 
prevents unauthorized copying and use of protected 
image data whenever an attempt is made to copy from is 
the video display buffer This includes a user's invoca- 
tion of the Print Screen command, as well as another 
software application, such as an image editing applica- 
tion, running within or extemal to the user's web 
browser, attempting to copy and paste from the video 20 
display buffer. 

[01 05] Reference is now made to Rgure 7. which is 
a simplified illustration of a system fa preventing unau- 
thorized copying of digital images within a dient compu- 
ter, in accordance with a preferred embodiment of the 2S 
present invention. Client computer 106 displays an 
image accessed over the Internet using a web browser. 
The innage may be an unprotected image 702 or sutssti- 
tute data for a protected image 704. A user issues a 
command in an attempt to copy the image from his 30 
video display buffer. For example, the user may press 
the 'Print Scm" button on his keytioard. or Invoke such 
other screen capture commarxl, in order to copy the 
data in the video display buffer onto his clipboard. For 
another example, the user may try to copy and paste the 3s 
image from his web browser window into a window of 
another software application. 
[0106] The user's command invokes an operating 
system level function 706 used to access pixel data 
within the video buffer of client computer 1 06. For exam- 40 
pie, it may invoke the Windows BitBIt function. Typically, 
such a function 706 copies pixel data from the video 
buffer onto a clipboard. 

[0107] In a prefen-ed embodiment of the present 
invention, software such as a Netscape plug-in or an 4S 
Intemet Explorer Active-X control is used to modify 
operating system function 706. by introducing additional 
programming logic to be used when attempting to 
access pixel data from protected images. Modification 
of operating system function 706 is jsreferatily aocom- 60 
pushed by providing a substitute function of the same 
name, which supersedes and is invoked instead of the 
standard system function. 

[0108] When attempting to access pixel data from 
protected image 704, operating system functton 706 ss 
routes the request to an atterr^ate processing unit 708. 
Alternate processing unit 708 can pre/ent any copying 
of pixel data, or it can mocfify the pixel data so to water- 



mark or othenvise modify the protected image. Simi- 
larly, alternate processing unit 708 can output pixel data 
for a pre-deter mined image, unrelated to the protected 
image. 

[0109] On the other hand, when attempting to 
access unprotected image 702, the additional program- 
ming logic is avoided, and the standard processing is 
applied. Preferably this is accomplished by calling the 
standard system level function from within the sutistitute 
function. 

(01 1 0J Reference is now made to Rgure 8, which is 
a simplified flowchart of a method for preventing unau- 
thorized copying of digital images within a client compu- 
ter, in accordance with a preferred embodiment of the 
present invention. The flowchart is divkled into two col- 
umns. The leftnfx>st column includes steps performed by 
a user and the rightmost column includes steps per- 
formed by a client computer. 
[0111] At step 802 the user opens a web page in his 
web browser. At step 804 the dient computer rerxJers 
the web page induding an embedded image. At step 
806 the user views the web page, and at step 808 the 
user attempts to copy the embedded image by execut- 
ing a command to copy pixel data of the image from a 
video txjffer to a dipboard. For example, the user may 
execute the Print Screen or such other screen capture 
command. 

[01 1 2] At step 81 0, in response, the dient computer 
calls an operating system function, such as the Win- 
dows BitBIt fundion, to extrad pixel data from the video 
buffer and copy it to the dipboard. At step 812 control 
k>gic passes to a substitute function, and a test is made 
as to whether or not the image data in the vkleo buffer is 
protected. If so, then at step 814 processing jumps to 
step 818 where substitute program code replaces the 
requested pixel data with substitute data, and at step 
820 the substitute data is returned by the operating sys- 
tem function. If the image data in the video buffer Is not 
protected, then processing jumps to step 816 following 
step 812, and the requested pixel data is returned by 
the operating system function, as usual. 
[01 1 3] At step 822 the data returned from the oper- 
ating system function is written to the dipboard and at 
step 824 the user pastes the data from the dipboard 
into a window of another software application, or save it 
into his computer. Since substitute data was used to 
replace proteded pixel data, the user is unable to copy 
unmodfied pixel data from the protected image. 
[0114] The system and method described with ref- 
erence to Rgure 1 and Rgure 2 deal with protection of 
digital images that are located on the same server com- 
puter as the web page that references them. In such a 
scenario, the present invention preferably uses f Qtering 
software reskJing on the server oonputer to generate 
substitute image data and a modified web page, as 
descrft)ed hereinabove. 

[0115] In some cases the protected images may not 
reskle on the same computer as the web page that ref- 
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erences them, and the fOter software that modifies web 
pages and generates substitute image data may not 
reside on the computer that houses the protected 
images. Thus it may not be possible to generate substi- 
tute image data on the computer that houses the pro- 5 
tected images. 

[0116] In a preferred embodiment of the present 
invention, the protected images are first downloaded to 
the computer that houses the web page, so that substi- 
tute data can be generated at such computer. However, 10 
this process is preferably carefully arranged, so as not 
to compromise the protection of such images. Specifi- 
cally, the references to the images within the web pages 
should be disguised in aliases, so that a user cannot 
identify the protected images and access them by issu- is 
ing a direct HTTP request to the computer that houses 
them. 

[0117] The computer that houses the web page 
should preferably also contain a table of aliases, for con- 
verting image file name aliases into IP addresses and 20 
true file names. In this way. a user accessing such a 
web page can only see aliases for IP addresses of pro- 
tected Images, and cannot access them directly 
[01 1 8] Reference is now made to Rgure 9, which is 
a simplified illustration of a system for copyright protec- 25 
ton of cfigital images resicfing on a computer that are 
referenced In a web page residing an a different compu- 
ter. Client computer 106 contains a web browser 1 12, 
which issues an HTTP request for a web page from 
sender computer 900. The requested web page. 902. 30 
resides on server computer 900 (server computer #1), 
but it references a protected image 904 that resides on 
a different server oonputer 906 (server computer #2). 
As a result, server computer 900 may not be able to 
generate sut>strtute data, such as encrypted image as 
data, for protected image 104 until it first downloads 
protected image 904. 

[01 1 9] Moreover, in order to protect image 904 from 
unauthorized access, the reference in web page 902 to 
image 904 is done through an alias 908. T?tat Is, the ref- 4o 
erence does not specify the IP address and true file 
name of image 904; instead, it specifies an alias 908, 
which only server computer 900 can interpret In a pre- 
ferred embodiment of the present invention, server 
computer 900 maintains a table with entries that convert 45 
each alias 908 for a protected image into an IP address 
and true file name. 

[0120] When server computer 900 receives the 
HTTP request for web page 902 from client computer 
106. it parses web page 902 and identifies ttierewithin so 
an image reference witti an alias 908. Server computer 
900 deciphers alias 908 to determine the IP address 
and true file name for protected image 904. Sender con> 
puter 900 downloads protected image 904 from server 
computer 906, and uses it to generate substitute data ss 
910. 

[0121] Server computer 900 generates substitute 
data 910. and generates a nxxlified web page 912 
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using a web page modifior 914. Web page modifier 
replaces the reference to the alias 908 within web page 
902 by a reference to substitute data 910. Modified web 
page 91 2 is sent to client 1 06 within an HTTP response, 
and web browser 1 12 displays modified web page 912 
with substitute data 910 embedded therewithin. In a 
preferred emtxxliment of the present invention, web 
browser 112 contains a sut)stitute data processor 126 
that is used to render substitute data 910. 
[0122] Reference is now made to Figure 10, which 
is a simplified flowchart of a method for copyright pro- 
tection of digital images residing on a computer that are 
referenced in a web page residing on a different compu- 
ter. TTie flowchart is divided into four columns. The left- 
most column includes steps performed by a user, the 
second column from ttie left includes steps performed 
by a client computer, the ttiird column from the left 
includes steps performed by a first server computer 
(server computer #1), and the rightmost column 
includes steps performed by a second server computer 
(server computer^). 

[0123] At step 1002 a user opens a URL for a web 
page in his web browser. At step 1 004 the client compu- 
ter Issues an HTTP request for the web page to server 
computer #1. At step 1006 the first server computer 
receives the HTTP request for the web page. The web 
page references a protected image located on the sec- 
ond server computer, but the protected image is not ref- 
erenced by nama Rather, the protected image is 
referenced by an alias. At step 1008 the first server 
computer looks up the IP address and true file name for 
the protected image from a table with entries for map- 
ping aliases to IP addresses and true file names. 
[0124] At step 1010 the first server computer 
requests the protected Image data from the second 
server computer. At step 1012 the second server com- 
puter receives the request from the first server compu- 
ter, and at step 1 014 the second server computer sends 
tiie protected image data to the first server computer. At 
step 1016 the first server computer receives the pro- 
tected image data from ttie second server conputer. 
and at step 1 01 8 the first server computer replaces the 
protected image data with substitute data. Alternatively 
ttie firm server computer may generate substitute data 
arvi keep the protected image data intact, or it may use 
sut>stitute data that is pre-defined image or text data. 
[01 25] At step 1 020 the first sender computer modi- 
fies the web page by replacing references to ttie aliased 
image witti references to the substitute data. At step 
1022 the first computer sends an HTTP response 
including the modified web page to ttie dient computer. 
At step 1024 the client computer receives the HTTP 
response with the modified web page, and begins to 
render the web page using its web browser. The web 
browser encounters the reference to ttie substitute data 
and. in response, at step 1026 the dient computer 
requests the substitute data from the first server compu- 
ter. At step 1028 the first sender computer receives ttie 



14 



27 



EP 1 001 330 A2 



28 



request for the substitute data, and at step 1 030 the first 
server computer sends the requested sul>stitute data to 
the client computer. At step 1032 the client connputer 
receives the sutjstitute data, and at step 1 034 the client 
conputer web browser processes the substitute data in 
order to embed it within the web page. Finally, at step 
1036 the user views the requested web page with the 
image embedded, but without the protected in^ge data 
having been downloaded to the client computer, and 
without the ident'ty (i.e., IP address and true file name) 
of the protected image having been disclosed. 

User Interface 

[0126] Figures 11-18 illustrate a user interface for 
a software management protection tool operative in 
accordance with a prefen-ed embodiment of the present 
invention. Such a management protection tool is 
desatbed hereinabove with reference to Rgure 3 and 
Rgure 4, and enables an administrator to set protection 
status for images residing on one or more web server 
computers. 

[0127] Reference is new made to Rgure 1 1 , which 
illustrates a user interface dialogue box for adding a new 
site, within a protection management tod operative in 
accordance wHh a prefen-ed embodiment of the present 
invention. When a user launches the protection man- 
agement tool for the first time, a New Site dialogue box. 
such as the one illustrated in Rgure 11, opens. The 
New Site dialogue box can also be opened by the user 
at any later time, whenever he wants to administer a 
new j-ITTP site that is not already listed in a site list 
maintained by the protection management tool, by click- 
ing on the "New Site...' button in the Access Site dia- 
logue box illustrated in Rgure 12, or by clicking on the 
"New...* button in the Site List dialogue box illustrated in 
Rgure 17. The New Site dialogue box prompts the user 
to identify the new site he wishes to administer by enter- 
ing IP address for the site and a port for the site. A 
default value of 80 for the port is used, since port 80 is 
the standard HTTP port The user is also prompted to 
enter an optional alias for the site, for quick reference. 
[01 28] After entering the site identification data, the 
user can dick on "OK* to add the sire to the site list. He 
can also dick on "Cancel" to cancel his entries. Clicking 
on OK or on Cancel cause the dialogue box to dose. 
The New Site dialogue box can also be dosed by dick- 
ing on the "X" in the upper right comer of the dialogue 
box window, as is typically done to dose windows in the 
Windows operating system. 

[0129] Reference is now made to Rgure 12, which 
is an illustration of a user interface dialogue box for 
accessing a site, wHhin a protection management tool 
operative in accordance with a preferred embodiment of 
the present invention. After the user adds a new site to 
the site list in the New Site diabgue box illustrated in 
Rgure 1 1 , an Access Site dialogue txjx, such as the one 
illustrated in Rgure 12, opens. The Access Site dia- 



logue box can also be opened by the user at any time, 
whenever he wants to access sites in the site list, by 
diddng on the 'Modify' button in the Site List dialogue 
box illustrated in Rgure 17. The Access Site dialogue 

5 box prompts the user to select a specific site to admin- 
ister by entering site identification information. For ease 
of use, the user can dick on the down arrow shown at 
the right and in response the protection management 
tool displays a drop-down menu with a list of all sites 

10 tnduded in the site list. The user can then select a site 
from the menu, and the site identification information is 
automatically entered in the dialogue box. 
[01 30] The Access Site dialogue box also prompts 
the user to enter a password. The password for a site is 

IS first set when copyright protection software is installed 
on a web server computer. At the time of installation, the 
web administrator sets an initial password for the web 
site, together with other server parameters. The web 
site password can be modified at a later time, as 

so descrbed hereinbelow with reference to Rgure 16. 
[0131] The user can check the "Save Password" 
box if he wants the protection management tool to save 
the password he enters, for automatic use when he sub- 
sequently accesses the site. After entering the required 

25 data, the user can dick the "OK" button to access the 
site, or he can dick the "Cancel" button to cancel his 
entries. Clicking on OK or on Cancel cause the dialogue 
box to dose. The Access Site dialogue box can also be 
dosed by diddng on the "X" in the upper right corner of 

30 the dialogue box window, as is typically done for win- 
dows in the Windows operating system. 
[0132] If the user dicks the 'OK' button then his 
password is authenticated. If the password is correct, 
tiie user is granted access to the site, and the main 

35 screen illustrated in Rgure 13 Is opened. If the pass- 
word is incorrect the user is so notified and given a lim- 
ited number of tries to enter the corred password. In an 
alternate embodiment of the present invention, the user 
may be given an unlimited number of tries to enter the 

40 oon'ect password. 

[0133] The Access Site dialogue box also enables 
tiie user to open the New Site dialogue box illustrated in 
Rgure 1 1 . by diddng on the "New Site..." button. 
[0134] Reference is now made to Rgure 13, which 

45 is an illustration of a user interface screen for setting 
protection status, within a protection management tool 
operative in accordance with a preferred enrtbodiment of 
the present invention. The screen illustrated Is an 
Explorer-type screen, with a left panel displaying hierar- 

60 chical folder information arxj a right panel displaying 
in^ge file infomiation. At the left of each displayed 
folder name is a folder icon, color-coded to indicate the 
protection status (unprotected / partially protected / 
completely protected) of the fdder. as described herein- 

55 abova 

[01 35] the toolbar at the top of the screen indicates 
that the leftmost button, 'Get UsT. is selected. A 
description of the toolbar is provkfed hereiri>elow with 
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reference to Rgure 14. The file name Index. html' of an 
HTML page that rs in the folder /Sample/csafe is high- 
lighted in the left panel of Figure 13. The image files ref- 
erenced within index.html are displayed in the right 
panel. As shown, they are files for GIF images. The 5 
"Status" column within the right panel indicates that 
none of the images listed in the panel are protected, 
since no protection icons appear. The protection man- 
agement tool enables the user to select one or more of 
the listed images listed for setting protection. The user w 
selects one or more images by diddng on their file 
names with the mouse, and using the 'Shiff and "Con- 
trol" keys to select a contiguous group of names or mul- 
tiple names, respectively, as is the well-known standard 
for Windows operating systems. After selecting one or is 
more images, the user clicks on the "Protect" txJtton to 
have protection settings applied thereto. 
[0136] In a prefenred embodiment of the present 
invention, the "Protect" button toggles the cun-ent pro- 
tection settings, so that images that are unprotected 20 
become protected, and images that are protected 
become unprotected. In an attemate emtxxliment of the 
present Invention, the user interface may not pennit a 
user from selecting at one time both images that are 
protected and images that are unprotected, so that each 2S 
application of protection settings either sets the status 
of urprotected images to protected or sets the status of 
protected images to unprotected. 
[0137] As described hereinabove, the user can 
select one or more HTML files, to apply protection set- 30 
tings to all images referenced therein. The user can also 
select one or more folders, to apply protection settings 
to all images located therein. By navigating through the 
file system, the user can browse the web site being 
administered with the screen of Rgure 13, and select 3s 
folders, HTML pages and other types of web pages, and 
images to protect or to unprotect 
[0138] Reference is now made to Rgure 1 4. which 
is an illustration of a tool bar wittiin a protection man- 
agement tool operative in accordance with a preferred 40 
embodiment of the present invention. TTie tool bar illus- 
trated in Figure 1 4 is the one appearing at the top of the 
screen illustrated in Rgure 13. It contains eight buttons, 
entitied "Xael LisT. "Protect". "Tags". "Submlf. "Mirrors". 
"Sites", "Server and "Help". The "Get List" button is 45 
used to browse the web site being administered using 
the screen illustrated in Rgure 13 hereinabove. The 
"ProtecT button is used to apply protection settings to 
one or more selected images, as described herein- 
atsove with reference to Rgure 1 3. so 
[0139] The Tags button can be used when a user 
selects one or more HTML page file names, to protect 
images referenced wittiin protection tags in ttie selected 
HTML pages. As described hereinabove, tags such as 
< tprotect ) and ( I/protect) are used to delineate one or 55 
more sections within an HTML page, and the images 
referoTKed within the tagged sectiorts can be protected 
by selecting the HTML file name and clicking on the 



Tags" button. In distinction to tiie Protect button which 
serves to protect all of the images within selected hlTML 
pages, the "Tags" button only protects images refer- 
ences within the tagged sections of selected HTML 
pages. 

[0140] The "Submit" button is used to confimi pro- 
tection settings made by the user, and transmit them to 
ttie web server conputer for application. When the user 
dicks on ttie "Submit" button, the protection settings he 
edited are sent to the web server computer and incorpo- 
rated into the protection status datat}ase, as described 
hereinabove witti reference to Rgure 3 and Rgure 4. 
Until the user dicks on the "Submit" button, ttie protec- 
tion settings he edited are only displayed within the pro- 
tection management tool by his \oca\ corrputer. Only 
when he dicks the "Submit button" are his settings adu- 
aily applied. If ttie user does not click on ttie "Submit 
"button, then all of the protection settings he edited will 
not take effect, and ttie protection settings will remain at 
ttieir former state if he doses the saeen. 
[0141] The "Mirrors" button is used to Identify web 
sites that are mirror sites Q.e., identical sites), as 
described hereirdbelow with reference to Rgure 18. The 
"Site" button is used for updating ttie list of administered 
sites, as described hereinbebw with reference to Rgure 
1 7. The "Sender" button is used to modify sender param- 
eter settings, as descrbed hereinbekw witii reference 
to Rgure 15. The saver parameters are first initialized 
when the copyright protection software is installed on 
ttie web server computer. 

[0142] The "Help" button is used to invoke on-line 
help and documentation, as is typical for Windows appli- 
cations. 

[0143] Reference is now made to Rgure 15, which 
is an tllusttation of a user interface dialogue box for set- 
ting server parameters within a protection management 
tool operative in accordance with a prefened embodi- 
ment of the present invention. A Server Settings dia- 
logue box is invoked when a user dicks on the "Server" 
button in the tool bar illustrated in Rgure 14. 
[P144] The topmost parameter is the IP address for 
ttie web server. The parameter setting indicated in Rg- 
ure 15 specifies an IP address of 192.168.1.39 and a 
port of 80. The second parameter is the root directory 
for the web server, relative to which folder names and 
foe names are specified. The parameter setting indi- 
cated in Rgure IS specifies a root directory of d^net- 
ptfc/wwwroot The third parameter is the file name of a 
default web page ttiat is displayed vrfien a dient first 
connects to the web server, the parameter setting indi- 
cated in Rgure 15 specifies a default web page 
defaulthtm (residing in the root directory). 
[0145] The fourth parameter specifies what is to be 
perfbnned when a protected image is requested by an 
unsupported web browser. An unsupported web 
browser is one for which a substitute data processor, 
such as the one indicated in Rgure 1, is not installed. 
For such a browser the web server cannot send substi- 
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tute data, such as encrypted image data, since the 
browser will not be able to render it. Instead, the web 
server must send an image in a standard format such as 
JPEG and GIF, which the browser can render. 
[0146] In a preferred emt>odiment the protection s 
management tool offers three options for dealing wrth 
unsupported browsers: (0 allow protected images to be 
transmitted without protection; (it) replace tags for pro- 
tected images with alternate HTML, tags; and {iil} water- 
mark protected Images. TTie fourth parameter specifies io 
which of these three options the user chooses. The 
parameter setting incGcated in Frgure 15 specifies the 
third option; namely, that tiled watermarks are to be 
composited onto the protected image, and the resulting 
watermarked image is to be transmitted instead of the is 
protected image itself. Preferably, this is the default 
parameter setting. The watermarked image is transmit- 
ted in a standard image format, such as JPEG and GIF, 
and, as such, it can be displayed by the web browser. 
[0147] The fifth parameter indicates the replace- so 
ment tag to be substituted for a reference to a protected 
in^age in an HTML page, when the client is using an 
unsupported browser and when the second option 
above Is chosen for handling unsupported browsers. 
The parameter setting indicated in Rgure 15 specifies 2S 
that the replacement tag to be used is an IMG tag with 
a source file name of /defautt/En-.gif. Preferably, this is 
the default parameter setting. 
[0148] The sixth parameter indicates the image of a 
watemnark to be used to watermarking protected 30 
images, when the client is using an unsupported 
browser and when the third option above is chosen for 
handling unsupported browsers. Typically, the water- 
mark image is a small image, and tt is tiled so that the 
watemiark appears repetitively in a checkerboard fash- as 
ion, or other such fashion, over a protected image that is 
watermarked. The parameter setting indicated in Rgure 
15 specifies that the watermark image is in a fOe named 
watermark gif. The seventh parameter indicates the sat- 
uration, or opacity level, with which the watermark is to 4o 
be corrposited over a protected image, when the client 
is using an unsupported browser. A saturation of 0.0 is 
fully transparent and a saturation of 1 .0 is fully opaque. 
The parameter setting indicated in Figure 15 specifies a 
saturation level of 85%. Preferably, this is the default 4S 
parameter setting. The eighth parameter indicates a 
transparent color for the waterniark: i.e., a color to be 
treated as background and not changed by the water- 
mark. This ensures that backgrounds of protected 
images are not watermarked. The parameter setting so 
indicated in Figure 15 indicates a watermark transpar- 
ent color of white (255). Preferably, this is the defauK 
parameter setting. 

[0149] The next three parameters are disabled so 
that they cannot be edited. They indicate the DLL ver- ss 
sion of the copyright protection software, the Netscape 
version and the ActiveX version, respectively. 
[01 50} The twelfth parameter indicates the directory 
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in which substitute data, such as encrypted images, are 
cached for efffderrt re-use upon subsequent requests 
for the same protected images. The parameter setting 
indicated in Figure 15 indicates the directory /cache 
(relative to the root directory di/netpiii/wwwroot). The 
thirteenth parameter indicates the length of time during 
which a file is maintained in the cache directory. The 
parameter setting indicated in Rgure 15 indicates a 
duration of 1.440 minutes. After this duration a cached 
file is purged from the cache. The fourteenth parameter 
indicates the frequency with which the cache is moni- 
tored, to determine which files are to be purged from the 
cache. The parameter setting indicated in Rgure 15 
indicates a monitoring frequency of every 1,440 min- 
utes. 

[0151 ] The fifteenth parameter indicates a file name 
into which a fog file is written. The parameter setting 
indicated in Rgure 15 indicates a file name of 
cSafeLog.txL This file will receive log data for the copy- 
right protection software running on the server. The kig 
data may include information such as requests for pro- 
tected image data, the clients making the requests and 
the data transmitted to them in response. The sixteenth 
parameter indicates the level of detail to be written to 
the fog file. Level zero corresponds to the minimum of 
detail - only critical information, and higher levels con-e- 
spond to additional detail. 

[0152] The seventeenth parameter indicates the e- 
mail address of the administrator of the web server 
computer, to be contacted as necessary. For example, 
the administrator can be contacted whenever there is 
upgraded copyright protection software available, or 
whenever new products are available. 
[0153] After setting values for the server parame- 
ters, the user can dick on the "OK" button to apply the 
new parameter settings. The user can also dick on 
"Cancel' to cancel his entries, tf the user wishes to nrad- 
ify the password for the server, he can click on the 'Mod- 
ify Password" button, which opens the 'Modify 
Password" dialogue box, as descrit>ed with reference to 
Rgure 16. 

[01 54] Reference is now made to Rgure 1 6. whfoh 
is an illustration of a user interface dialogue box for 
modifying a password for accessing a web server, within 
a protection managemerrt tool operative in accordance 
with a prefen*ed embodiment of the present invention, A 
Modify Password dialogue box is invoked when a user 
dicks on the "Modify Password' button in the Server 
Settings dialogue box illustrated in Rgure 15. The Mod- 
ify Password diafogue box prompts the user for the typ- 
ical infomiation used when changing a password. The 
user is prompted to enter the current password, the new 
password and a confirmation of the new password. The 
user may also check a box indicating that the password 
is to be saved by the protection management tool, so 
that the user can 8ut>sequentiy access tfie web site 
without having to specify the password again (as long 
as the password remains valid). After providing the 
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requested passwords, the user can dick on the "OK" 
button to effectuate Ns change. He can also click on the 
"Cancel" button to cancel his entries. 
[0155] In a preferred embodiment of the present 
invention, the protection management tool sets a maxi- s 
mum expiration date for a password, thus forcing the 
user to update his password from time to time. 
[0156] Reference is now made to Rgure 17, which 
is an illustration of a user interface dialogue box for a 
site list, within a protection management tool operative io 
in accordance with a prefened embodiment of the 
present invention. The 'Size Lisr dialogue box is 
invoked wtien a user dicks on the "Sites" button in the 
tool bar illustrated in Rgure 14. The Site List dialogue 
box lists all of the sites Included in the site list used by is 
the protection manager tool. The sites are listed by alias 
name, or by IP address for those sites do not have an 
alias. 

[01 57] A user can add a new size to the list by dick- 
ing on the 'New..." button. A user can modify the set- so 
tings for a site already induded in the list by dicking on 
the "Modify..." buttoa A user can delete sizes from the 
site list by selecting one or more sites listed in the dia- 
logue box, and clicking on the "Delete" button. TTie 
"Delete" button is shown disabled In Rgure 17. since 25 
none of the sites listed are selected. The user closes the 
Site List dialogue box by diddng on the "Ctose" button 
or on the "X" at the top right comer of the dialogue box 
window. 

[0158] Reference is now made to Rgure 18, which 30 
is an illustration of a user interlace dialogue box for 
defining mirror sites, within a protection management 
tool operative in accordance with a preferred embodi- 
ment of the present invention. Min-or sites are identical 
web sites, used for the purpose of proliferating f Des on 35 
multiple sender computers, so as to balance the 
processing load over multiple computers, and so as to 
make it easier for users around the world to access files. 
It is the responsbtlity of web administrators to ensure 
that min-or sites are kept current. 40 
[0159] In a preferred embodiment of the present 
invention, protection settings edited by a user for a spe- 
cific web site can be applied to one or more minx>r sites 
as well, without the need for the user to explicitly edit the 
settings on each indivklual mirror site. The protection 45 
management tool preferably enables a user to identify 
sites that are mirror sites, arxj manage their protection 
settings sirrnjttaneously. A Mirror Sites dialogue box is 
invoked when a user dicks on the "Min-ors" button in the 
tool bar illustrated in Rgure 14. The Mirror Sites dia- so 
logue box is invoked while a user is accessing a specific 
site, and the infomiation it displays is relative to this spe- 
dfic site currently being accessed. 
[0160] As shown in Rgure 18, the Mirror Sites dia- 
logue box has a left panel indicating sites from among 55 
the site list that are nirrors of the site being accessed, 
and a right panel indicating sites from the site list that 
are not mirrors of the site cun'erttly being accessed. TTie 
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user can dick on one or more of the sites listed in thia 
right panel to select them, and then click on the "( Add 
to Mirrors" button to make them minor sites of the site 
being accessed. Clicking on the "( Add to Mirrors" bi t- 
ton results in the selected sites being moved from the 
right panel to the left panel. 

[0161] The user can dick on the "New... " button if 
he wishes to indude a new site, not currently induded in 
the site list as a mirror site to the site cunently being 
accessed. The user can also select one or more of the 
sites listed in the left panel eis mirror sites, and dick on 
the "Remove" button to make them non-mirror sites. 
The "Remove" button is disabled in Rgure 18, since no 
sites are shown listed as mirror sites in the Rgure. Click- 
ing on the "Remove" button results in the seleded sites 
being moved from the left panel to the right panel. 
[01 62] The user can check a box to update mirrors 
automatically, and then any edits he makes to parame- 
ter settings for the site currently being accessed will 
automatically be submitted to the mirror sites whenever 
the user dicks on the "Submit" button in the tool bar 
illustrated in Rgure 14, to submit his edits to the web 
server computer. This mode of automatic update results 
in protection settings being updated incrementally in 
minor sites each time the user edits them in one of the 
sites. However, if one or more edits are not synchro- 
nized with mirror sites, the mirror sires will lost synchro- 
nization and will not regain syrx:hronization as future 
edits are made, even if the future edits are proliferated 
to the mirror sites. This loss of synchronization can hap- 
pen, for example, if one of the mirror sites is not opera- 
tional at the time the user makes his edits to the 
protection settings or, for example, if a miaor site is 
removed from the list of mirror sites. 
[0163] In order to bring mirror sites up-to-date with 
a site currently being accessed, the Mirror Sites dia- 
fogue box also has a button for sending the cun-ent set- 
tings to the mirror sites. Giddng on this button causes 
all of the protection settings to be sent to the min-or 
sizes listed in the left panel, and not merely the incre- 
mental edits that the user made. This serves to re-syn- 
chronize the mirror sites with the site cun'ently being 
accessed, and ensures that the protection settings are 
the same at the mirror sites and the site currently being 
accessed. 

[0164] Sending all of the protection settings to mir- 
ror sites typically requires a lot of bandwidth. If only a 
few of the mirror sites need to be re-synchronized, the 
user can tenporarily move the other mirror sites from 
the left panel to the right panel, send the current protec- 
tion settings to re-synchronize the mirror sites ren^n- 
ing in the left panel, and then move the other mirror sites 
from the right panel back to the left panel. This reduces 
the number of sites to which the protection settings have 
to be transmitted. The Min'or Sites dialogue box can be 
dosed by dicking on the "Close" button, or by clicking 
on the "X" at the upper right hand comer of the dialogue 
box window. 
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[0165] Reference is now made to Figure 19. which 
Is an illustration of a virtual directory properties file 
residing on a web server conputer in accordance with a 
prefened embodiment of the present invention. The vir- 
tual directories property file is a text file named Virtual- s 
Oirectories.properties. preferably used by the web 
server to (i) protect images in dynamically generated 
web pages, and (ii) protect images residing on other 
server computers. This f Be contains the names of direc- 
tories in which dynamically generated pages and/or io 
dynamically generated images are stored, along with a 
protection status identifier for such cfirectories. Protec- 
tion status identifiers include PROTECT, TAGS and 
ACCESSIBLE. PROTECT indicates that the pages and 
images in the directory are protected. TAGS indicates is 
that only images referenced within protect tags of HTML 
pages in the directory are protected. ACCESSIBLE indi- 
cates that the pages and images in the directory are 
unprotected. 

[0166] The file illustrated in Rgure 19 indicates that so 
a directory named /cgi-bin/ (relative to the root direc- 
tory) is assigned PROTECT status. Thus pages and 
images in /cgi-bin/ that are dynamically generated will 
be protected. Figure 19 also indicates that a cfi rectory 
named /scnpts/ (relative to the root directory) is 2S 
assigned TAGS status. Thus pages in ^ripts/ that are 
dynamically generated will be protected to the extent 
that images referenced within their protect tags are pro- 
tected. 

[0167] Figure 19 also indicates an alias for images 30 
on another server computer that are to be protected. 
The alias is /lpi6.htm?, and the true address is 
http://101 .345.56.52:8081/. Thus /lpis.htm and /lprs.hlml 
are interpreted by the web server as aliases for the root 
directory of the web server with IP address 3S 
101 .345.56.52 and port 8081 . 
[01 68] The VirtualDirectories.properties f fle is man- 
ually or automatically edited by a user whenever he 
wishes to protect dynamically generated web pages, 
dynamically generated images, and images residing on 4o 
another server computer. 

Implementation Details 

[0169] In a preferred emtxxiiment of the present 4S 
invention, when the client web browser has installed a 
sut)stitute data processor such as a Netscape Smart- 
Update or plug-in. or an Internet Explorer ActiveX con- 
trol, as indicated in Rgure 1 , the substitute data used for 
protected images are encrypted images. That is. (i) pro- so 
tected images are encrypted on the web server compu- 
ter, using an encryption algorithm and an encryption key 
as Is well known to those skilled in the art; (ii) references 
to the protected images are replaced with references to 
encrypted images in the HTML pages that reference the 55 
protected images, and Oii) the encrypted images are 
transmitted from the web server to dient computers. 
The dient computers use substitute data processing 



software to decode the encrypted images and to render 
them for display on a video monitor. 
[0170] In order for this to work, it is necessary for 
the substitute data processor on the client computer to 
know the encryption algorHhm being used by the web 
server and the encryption key. This presents a potential 
security hole, in that someone couM decipher this 
encryption information from the substitute data proces- 
sor by reverse engineering, and use it for stealing copy- 
right protected images. 

[0171] In a prefen-ed embodiment of the present 
invention, the web server regularly changes the encryp- 
tion key. and possibly also the encryption algorithm. 
When each such change is made, the server computer 
transmits updated substitute data processing software 
to each registered client computer, as soon as such di- 
ent computer connects to the sender. This ensures that 
the encryption key. and possibly also the encryption 
algorithm, are changed regularly, thus thwarting 
attempts to steal copyright protected images by reverse 
engineering substitute data processors. PreferaUy 
these updates are done frequentiy enough so that the 
duratk>n between updates is likely to be less than the 
time it typically takes to discover the encryption informa- 
tion by reverse engineering. 
[0172] In a prefen'ed embodiment of ttie present 
invention, each dient that downloads a substitute data 
processor from a server computer is registered in a user 
database. This makes it possible to keep track of dients 
and send them updated software automatically. /Utema- 
tively. version Information for a substitute data proces- 
sor in a dient computer may be stored m a "cookie" or 
other such file used by web servers to identify dient 
infonnation. Using the cookie, a web server can auto- 
matically determine if a client is using out-dated soft- 
ware, and, if so, automatically update the dient 
softwara Yet another altemative is for the web server to 
do nottiing. in which case the dient software will no 
longer be able to render encrypted images after the 
encryption key and/or algorithm is updated, and the 
user will have to download updated software at his own 
initiative. 

[0173] What follows is a detailed desaiption of a 
preferred embodiment of the present invention, as rt 
operates to block screen capture utilities within a Madn- 
tosh operating system. 

[0174] For the Madntosh operating system, a 
plugin for Netscape and Internet Expk)rer is preferably 
used. The plugin consists of three parts - the plugin 
proper, a system extension (also referred to as INIT) 
and an executable client library. The system extension 
and the dient library are downloaded from a web server 
as needed, as descrtoed hereinbelow. 
[0175] The plugin is preferably placed in the Net- 
scape or Internet Exptorer Plugins folder. The system 
extension and the dient library are preferably installed 
into the Extensions Folder in the System folder of the 
user's boot disk. The system extension is an invisible 
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file, and cootatns an INIT resource that "patches" sys- 
tem calls at boot time as needed, in order to enable the 
plugin to circumvent saeen capture programs. 
[01 76] Preferatily, the system extension does not do 
processing rtself, but instead calls the plugin, wNch In s 
turn sends a patch through to the client library. The cli- 
ent library is preferably a MacOS shared library, and 
contains programming code for patches and for render- 
ing images onto a screen. TTie provides the capability to 
update code without downloading the entire plugin. io 
[0177] In order to view protected images, a user is 
first required to download the plugin and INIT. A user 
then runs an installation program to install the plugin 
into the Netscape Navigator Plugins fbWer or the Inter- 
net Explorer Plugins Folder. The user reboots his com- is 
puter in order for the INIT to apply its system patches. 
[0178] When the plugin is activated, it preferably 
reads a configuration file to determine if the client library 
or system extension needs up be updated. If the config- 
uration fBe is missing, or if the current date and time is 20 
greater than the next update check time in the configu- 
ration file, the plugin downloads a new configuration file 
that specifies the latest version of the client library and 
the system extension. If the current version of the clierrt 
library and/or the system extension on a client computer 25 
is not the latest version, then the plugin downloads the 
latest version of the client library and/or the system 
extension. 

[01 79] Prefferat)ly the configuration file includes (i) a 
date for next update check, (ii) a dient library version 30 
number, (iii) a system extension version nun4)er. (iv) a 
list of capture application types, (v) a list of capture con- 
trol panels and extensions. (vQ a list of resource types, 
and (vii) a list of non-t>lockable control panels and 
extensions. 3S 
[0180] The format for the date is of the form: 
Wed Aug 18 13:22:04 1999 

[0181] The version numbers are preferably in 
MacOS binary coded decimal version format of the 
form: 40 
M.m.bisn' 

where M is the major version number, m is ttie minor 
version number, b is the bug fix number, s is the stage 
(d. a, b or f) and rrr is the release number. 
[0182] Except for ttie list of resource types, all list 4S 
entries have the following three-line structure: 

Une 1 • Name of utility/application 
Line 2 - 4 character file type, 4 character creator 
type. 4 character resource type (packed) so 
Une 3- hex characters of pattern to match 

Line 1 includes ttie name of the utility. This line is prefer- 
ably only used by the ftst of non-blockable control pan- 
els arKl extensions. For otfier lists, ttie name "Unused" 55 
is inserted. Line 2 contains ttiree 4-character codes 
used to identify capture applications and utilities. The 
first two codes are ttie file type and creator type, and the 



ttiird code is a resource type. Line 3 contains hex codes 
for a pattern to match in ttie resource map of the file. If 
no hex pattern is used, a single caniage return is 
indudec-. 

[0183] An example of a configuration file is as fol- 
lows: 

Wed Aug 18 13:22:04 1999 

1.0.0a2 

1.0.0a2 

CaptureAppsBegin 
Unused 
APPLc2gfc2gf 
Unused 

APPLCmApCmAp 

43616D6572614D616E 

Unused 

APPLLu§»Lu§» 
Unused 

APPLSnpTSnpT 

536E61 7073686F7420496E666F 

Unused 

APPLSNAPSNAP 
53837265656E536E61 70 
CaptureAppsEnd 
CaptureUtilsBegin 
Unused 

CdevSnp2Snp2 

536E61707A 

Unused 

CdevshOTshOT 

53637265656E53686F74 

Unused 

Cdo^exPRexPR 

4578706F737572652048657973 

Unused 

CdevCaptCapt 

CaptureUtitsEnd 

ResTypesBegin 

STR# 

ShOT 

ShOT 

ShOT 

CURS 

ResTypesEnd 
AbortTypesBegin 
Appletalk Control Panel 
Cdevatdvatdv 

6853776974636841 70706C657461 6C6B444C4F4 
7 

Atx}rtTypesEnd 

[0184] When it encounters a file name, ttie web 
browser nomially identifies a type of content, and 
pushes the file to an appropriate plugin. However, in the 
present invention the parameters passed to the plugin 
provide only encrypted names for protected image files. 
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and, as such, the web browser typically cannot deter- 
mine a content type from the ffle name. Instead, the 
plugin decrypts the name and initiates the download 
itself. This prevents others from accessing protected 
images directly. Downloaded protected image files are $ 
encrypted, and the library decrypts them before they 
are used. 

[0185] MacOS uses file types arxi creator types to 
identify files and the applications that created them. The 
list of capture applications from the configuration file is io 
used by the plugin in conjunction with creator types to 
determine relevant applications to be aware of for 
ensuring copyright protection. If such a capture applica- 
tion is launched or running, the plugin preferably hides 
its images. is 
[0186] Similarly, the list of capture control panels 
and extensions from the configuration file is used by the 
plugin in conjunction with the list of resource types to 
determine if a non-application executable, such as an 
extension or control panel, is about to invoke a screen 20 
capture. 

[0187] The system extension loads itself into menv 
ory at boot time. It loote in the System Polder. Exten- 
sions Folder, Control Panels Folder and the Start Up 
items folder, for items of type INIT, edev, APPC, appe zs 
and APPl^ which are INITs. control panels, new control 
panels, applications and application extensions. For 
each of these folders, the system extension creates an 
tnfonnation list that includes a copy of the resource map 
for each such item found. The information list is used by 30 
the plugin to locate 'show stoppers;" i.e., utilities that 
cannot be blocked by known methods. 
[0188] The system extension patches the following 
traps: OpenPicture, OosePicture, CopyBits. InitGraf, 
GetResource and SetRlelnfo. ss 
[0189] A typical way for a capture utility to imple- 
ment saeen capture is by creating a MacOS Picture, 
similar to a Windows meta-ffle. Such a capture utility 
cans OpenPictureQ, CopyBits(screen,dest) and 
ClosePtctureQ. to aeate a P ICT file or to put the data on 40 
the global clipboard in PICT fonnat. If the plugin is run- 
ning, the system extension parch for OpenPictureQ sets 
a flag so that the system extension patch for CopyBitsQ 
knows that OpenPictureQ was previously called. 
[01 90} The system extension patch for CopyBitsQ is 45 
preferably a head patch; i.e.. the patch is applied and 
then the conventional system CopyBitsQ is called. The 
system extenskin patch for OpenPictureQpreferably 
calls the plugin to update rectangles of the instances, 
and to set a flag to indicate to the system extension that so 
the parch for CopyBitsQ should be used. The system 
extension patch for CopyBftsQ uses the rectangles and 
erases them on saeen, so that the conventional Copy- 
BitsQ call does not gain access to unnxxlified protected 
images. The parch for CopyBitsQ sets a flag indicating 55 
that the plugin shouU re-draw the images. 
[0191] Preferably, the plugin identifies screen cap- 
ture utilities using two methods: (i) by file type and crea- 



tor, and (ii) by the resource map of the file. When used 
together, these two methods provide a more robust way 
to identify files than does either of them alone, A Macin- 
tosh file includes two forks - a resource fork, and a data 
fork. The resource fork includes data that can be 
changed independently of the executable code; for 
example, strings, icons and dialogue boxes. 
[0192] When the resource fork for a file is opened, 
an index of the fbrK referred to as a resource map. is 
read into RAM by the resource manager. The resource 
map includes information atx)ut resources in the file. 
Resource maps are chained in a linked list - as each file 
in the chain is opened, a new map is added to the chain. 
A descriptor for the creator of a file is typically stored in 
a signature resource in the file. The signature resource 
Is part of a group of resources that enables the operat- 
ing system to associate icons and files with the creator 
type. This information can be used by a patch for 
GetResourceQ to klentify a screen capture utility that is 
running. The resource map can be searched for the sig- 
nature resource. If it can be found, then the capture util- 
ity can be identified. 

[0193] The resource type (the third 4-character 
code in line 2) can also be used to Klentify a saeen cap- 
ture utility. The hexadecimal string (line 3) can also be 
used. 

[0194] It is noted that the resource map cannot be 
used during idle time to identify capture utilities that are 
applications. The reason for this is that when the plugin 
is trying to identify capture applications during klle time, 
the resource map for the capture application is nor in an 
available chaia To overcome this, the present invention 
preferably uses the system extension patch for InttOraf Q 
to grab application resource maps as each application 
is launched. When the system extension starts up, it 
allocates a table to store 512 resource maps. When an 
application is launched, the patch for InitCBrafQ Is called, 
and the system extension stores the current resource 
map in one of the 512 entries. When the application is 
closed, the resource map is removed from the table. 
The table is accessible to the plugin, and when the 
plugin is running it examines the table to see if there is 
a signature resource or other identifying trait. If so. then 
the plugin can determine if a capture application is run- 
ning, and can hide protected images. The choice of 512 
for the size of the tat)le for the resource maps is aibi- 
trary, but has been found to be adequate. 
[01 95] Because searching for utilities installed on a 
dient computer is time consuming, the system exten- 
sion preferably does the search at startup time, and 
stores information about each INIT, cdev, APPC. appe 
and APPL file type in the System Folder. Extensions 
Folder, Startup Folder and Control Panels foWer. If 
instead the plugin was to do the search, then the search 
wouU have to be carried out each time the plugin is 
instantiated. 

[01 96] The system extension makes the information 
about the extensions and control panels available to the 
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plugin via shared memory, and the plugtn can quickty 
scan the list for installed items that cannot be blocked. 

Adanipnal Consltfgrtfijpns 

s 

[0197] In reading the above description, persons 
skilled in the art will realize that there are many appar- 
ent variations that can be applied to the methods and 
systems described. For example, although the present 
Invention has been described with respect to digital io 
Images, it applies to copyright protection of other forms 
of multi-media referenced in web pages as well, such as 
audio files, video ffles and slide shows. In each case, 
substitute data can be used so that a user can p(ay or 
view the multi-media within the web page without down- is 
loading an unmodified version of it into his computer. 
[0198] For another example, the present invention 
can be applied to copyright protection of text contained 
in web pages. Currently, text contained In web pages 
can be copied by simply selecting a section of text by 20 
dragging a mouse pointer thereover, and invoking a 
"Copy" command. TTie copied text can then be pasted 
onto a word processing application by invoking a 
"Paste" command. 

[01 99] By converting the text data into one or more ss 
Images and designating the one or more images as 
being protected, the present invention can be used to 
prevent unauthorized copying of text from a web paga 
[0200] For another exanrple, the present invention 
can be integrated with transaction software so that pro- so 
tected images can be purchased on-line. Specifically, 
when a user positions a mouse pointer over a protected 
image and right dicks on the mouse, a transaction 
menu can be popped up with one or more selections for 
purchasing the protected image. Selecting an option to as 
purchase the image can trigger e-commerce transac- 
tion software. Thus when a user tried to save the image 
using the starxlard "Save Image As ..." command, he is 
notified that the Image is copyright protected and pre- 
sented with an opportunity to purchase the image. 4o 
Selections for purchasing the image can include pur- 
chasing one or more hardcopy prints of the Image, pur- 
chasing apparel, such as clothing, containing the 
image, and purchasing an electronic version of the 
image. 4s 
[0201] In the foregoing specification, tiie invention 
has been described with reference to specific exenrh 
plary embodiments thereof. It will, however, be evident 
that various modifications and changes may be made to 
the specific exemplary embodiments without departing so 
from the broader spirit and scope of tiie invention as set 
forth in the appended claims. Accordingly, the specifica- 
tion and drawings are to be regarded In an illustrative 
rather than a restrictive sense. 
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Claims 

1. A method for protecting digital images distributed 



over a network, comprising the steps of: 

receiving a request from a client computer run- 
ning a networtc browser, for an original layout 
page containing references to digital images 
therein; 

parsing the original layout page for the refer- 
ences to digital images; 
generating a modified layout page from the 
original layout page by replacing at least one of 
the references to digital images in the original 
layout page with references to substitute data: 
and 

sending the modified layout page to ttie client 
computer. 

2. A method for protecting files distritxjted over a net- 
worK comprising the steps of: 

displaying a list of files; 

generating protection status information in 

response to selection by a user of at least one 

of the foes in the list of files; and 

sending the protection status Information to a 

server conputer. 

3. A system for protecting digital images distrSxjted 
over a networic; comprising: 

a receiver receiving a request from a client 
computer running a network browser, for an 
original layout page containing references to 
digital images therein; 

a layout page parser parsing the original layout 
page for the references to digital images; 
a layout page generator generating a modified 
layout page from tiie original layout page by 
replacing at least one of the references to dig- 
ital images in to original layout page witii refer- 
ences to substitute data; and 
a transmitter sencfing tiie modified layout page 
to the dient computer. 

4. A system for protecting files distributed over a net- 
work, comprising: 

a user interiace displaying a list of files; 
a protection status manager generating protec- 
tion status infomiation in response to selection 
by a user of at least one of the files in the list of 
files; and 

a transmitter sending the protection status 
information to a server computer. 

5. A metiiod for protecting digital images distrSxited 
over a networi^ comprising the steps of: 

receiving a request from a dient conputer; 
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submitting the request to a server computer; 
receiving an original layout page containing ref- 
erences to digital innages therein from the 
server computer; 

parsing the original layout page for the refer- 

ences to digital images; 

generating a nnodified layout page from the 

original layout page by replacing at least one of 

the references to digital infiages in the original 

layout page with references to substitute data; io 

and 

sending the modified layout page to the client 
computer. 

6. A system for protecting dtgrtal images distributed is 
over a networK comprising: 

a receiver receiving a request from a client 
computer and receiving an original layout page 
containing references to digital images therein 20 
from a server computer; 
a transmitter submitting the request to the 
server computer and sending a nx>dified layout 
page to the client computer; 
a layout page parser parsing the original layout 25 
page for the references to digital images; and 
a layout page generator generating the modi- 
fied layout page from the original layout page 
by replacing at least one of the references to 
digital images in the original layout page with 30 
references to substitute data. 

7. A method for protecting digital images displayed in 
a web browser, comprising the steps of: 

35 

displaying a digital image by a web browser, 
the digital image conprising pixel data; 
requesting access to pixel data of the digital 
image; and 

in response to said requesting, blocking access 4o 
to pixel data of the digital image. 



a web browser displaying a digital image, the 
digital image comprising pixel data; 
a command processor requesting access to 
pixel data of the digital image; and 
a request blocker, blocking access to pixel data 
of the digital image requested by said com- 
mand processor. 

1 0. A system for protecting digital images displayed in a 
web browser, comprising: 

a web browser displaying a digital image, the 

digital image comprising pixel data; 

a command processor requesting access to 

pixel data of the digrtal image; 

a request interceptor intercepting a request to 

access pixel data of the digital image received 

from said command processor; and 

a data processor providing substitute data to 

pixel data of the digital image in a response to 

the request to access pixel data of the digital 

image. 



8. A method for protecting digrtal images displayed in 
a web browser, comprising the steps of: 

45 

displaying a digital image by a web browser, 
the digital image comprising pixel data; 
requesting access to pixel data of the digital 
image; 

in response to said requesting, intercepting a so 
request to access pixel data of the digital 
image; and 

providing substitute data to pixel data of the 
digital image in a response to the request to 
access pixel data of the digital image. ss 



9. A system for protecting digital images displayed in a 
web browser; comprising: 
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